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; Faster, Cheaper 


W ho needs Linux?” That’s a ques¬ 
tion that I have heard a lot of 
people asking over the past sev¬ 
eral weeks. It is not being asked in a 
disparaging or negative way — it’s 
not meant to imply that no one needs 
Linux. 

No, the people I hear asking that 
question are trying to sell Linux-based 
products and services, and they are 
asking because they need to know 
how best to focus their sales efforts. 

It’s really an interesting question, 
because depending on who you ask, 
you’re likely to get very different an¬ 
swers. In fact, the answers to that 
question tend to highlight the differ¬ 
ences between the open source soft¬ 
ware development model and the 
traditional closed software develop¬ 
ment model. They also highlight the 
differences between the commercial 
and non-commercial interests of the 
Linux community. 

For example, a good number of the 
developers that participate in the Lin¬ 
ux kernel development effort will like¬ 
ly tell you that they need Linux. Lin¬ 
ux is a great example of the “ scratch 
your own itch” mentality that fuels 
so many open source projects. After 
all, Linux was started because Linus 
wanted a Unix that he could run on 
his desktop Intel machine. 

Many developers continue to par¬ 
ticipate simply for the sense of satis¬ 
faction that they feel for having con¬ 
tributed to the overall effort. Whether 
or not the software is actually use¬ 
ful to commercial interests is, at best, 
of secondary importance to many of 
these developers. 

However, the situation is hardly 
black and white. It’s fair to say that 
many of the core developers share a 
more complicated view of their role 
in the development process. After all, 
many of them work for commercial 
Linux companies, so they share the 
interests of their employer’s custom¬ 
ers, at least to some extent. They may 


need Linux because it fulfills their 
passions as individuals. However, 
they also recognize that their custom¬ 
ers have specific needs, and those 
needs may not necessarily be shared 
by everyone else in the open source 
community. 

Meanwhile, many companies trying 
to sell Linux may find that the mar¬ 
kets they want to sell to-dori ? t feel 
they particularly need Linux at all. 
This places some vendors of Linux 
systems and distributions in a partic¬ 
ularly complicated position. 

All of the commercial Linux players 
are courting enterprise customers, but 
enterprise customers often don’t par¬ 
ticularly care about Linux or open 
source software per se. They simply 
care about solutions that work and 
solve their problems better, faster, and 
cheaper. If those solution happen to 
be Linux, then that’s great. However, 
if those needs are met by a different 
platform, they probably could not care 
less. 

Are we as a community as under¬ 
standing of the needs of our members, 
both technical and managerial, as we 
could and should be? Or, do we be¬ 
lieve blindly in the principle of en¬ 
lightened self-interest, fulfilling our 
own needs and trusting that if we do 
what’s best for us, somehow we’ll si¬ 
multaneously continue to advance the 
common good? 

Rather than further pontificate on 
the issue, I’d like to put this question 
to the Linux community, developers 
and CEOs alike, What do you need 
from Linux? And what do we as a 
community need to do in order to 
deliver on those needs? I’d really like 
to know. 

See you next month, 



Adam M. Goodman 
President & Publisher 
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The Secrets of My Success 

I recently read “Which Tape Drive Is 
Best for Your Linux System” (January 
2001) and found it very interesting. 
However, your numbers seem low to 
me — very low. 

For instance, the DLT8000 drive you 
tested ran at approxi¬ 
mately 2 GB per hour. 

A DLT7000 can easily 
be run at 20 + GB per 
hour, so I would ex¬ 
pect the DLT8000 to at 
least match that trans¬ 
fer rate. I have never 
used Arkeia, so it’s 
possible that those are 
the best numbers they 
could sport — but I 
doubt it. 

The following are some techniques 
I have seen used for trying to get bet¬ 
ter comparison numbers from back¬ 
up products, devices, or hardware 
configurations: 

1. Place the files that are to be 
backed up on a separate drive. This 
drive should be a different physical 
unit, not just a logical partition. This 
can eliminate system contention for 
disk resources. 

2. Back up sets of files (10 KB, 100 
KB, 1 MB, 10 MB, etc.). Because of OS 
overhead, small files are much slow¬ 
er than larger files. For example, I’ve 
seen 10 KB files backed up at 1.14 MB 
per second, while 1 MB files ran at 
6.26 MB per second. 

3. Perform several runs for each file 
size to ensure that your numbers are 
consistent. 

4. Identify how fast the system can 
read from disk (e.g., a simple Perl 
script that measures how fast it can 
read the data). 

5. Identify how fast the system can 
write to disk. 

6. Format the partition prior to cre¬ 
ating files for backups. 

7. Format the partition prior to 


restoring to guarantee that the data 
will be written contiguously (instead 
of being fragmented). 

8. Remount the partition between 
test runs when you are doing back¬ 
ups to avoid skewed results from the 
OS caching files. 

9. Perform the benchmarks with 
easily compressible and 
difficult to compress 
files. Do backups with 
and without compres¬ 
sion. A lot of manufac¬ 
turers choose only to 
report compressed file 
backup numbers. 

10. If the backup pro¬ 
duct supports backing 
up to /dev/null use it to 
simulate an infinitely 
fast tape. 

I understand your techniques. They 
may explain your relatively low num¬ 
bers. However, at least some of the 
techniques that are listed above will 
probably yield some different results. 
Specifically, file size and amount of 
memory may dramatically improve 
performance. 

Tim Burlowski 

VERITAS Software 

Why Ignore K0EP 
GNOME’S Not So Great... 

In “The Future of Linux” (November 
2000), Robert McMillan mentioned 
GNOME and EAZEL but failed to 
mention KDE 2. To paraphrase Dan 
Kusnetzky, VP of System Software 
Research at IDC, the problem with 
GNOME is that it is all dressed up 
with nowhere to go. 

Since ditching Abiword, GNOME 
does not have a word processor. 
GNOME also aims to completely em¬ 
ulate Windows by including Visual 
Basic scripts. If I wanted complete 
conformity of Windows software, why 
would I bother with Linux? The prob¬ 
lem with writing VB code is that it 


eats up development time that instead 
should be spent finishing Abiword 
and Gnumeric. 

The abandonment of Abiword is 
simply incomprehensible. It’s just 
about complete, and I think it works 
very well. Why they decided to aban¬ 
don a word processor that is already 
integrated into their desktop is a mys¬ 
tery. The decision just doesn’t make 
sense. Also, there is no reason why 
GNOME could not ship with the 
Spruce or Balsa MUA in the interim. 
Instead, the Helix people reinvent the 
wheel by creating yet another MUA. 
In the meantime, I can’t get e-mail if 
I use GNOME. 

On the other hand, KDE 2 has a 
fully integrated desktop and is near¬ 
ing perfection. It may not be as so¬ 
phisticated as Ximian’s GNOME. 
However, it is complete and works. 
Software doesn’t have to be flashy; it 
just has to work. End users don’t want 
perfection. Ultimately, they just want 
predictability. 

Jonathan Drews 


Correction: In our January 2001 New¬ 
bies column , the command we listed 
for displaying the names of subdirec¬ 
tories was the following: 

Is | grep ,A d' 

This command will actually list file¬ 
names and directories beginning with 
the letter d. The command should in¬ 
stead be listed as: 

Is -la | grep ,A d' 

or 

11 | grep ,A d' 


Linux Magazine welcomes feedback 
and comments. Letters will be edited 
for clarity and space; please be sure to 
include your name and location. Send 
letters to editors@linux-mag.com. 
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Report from the Front 



The much-anticipated 2.4 Linux kernel was released with little fanfare on January 4th, 2001. 
A V Linus Torvalds simply sent a note to the Linux kernel mailing list announcing the kerneLs offi- 
cial status. Torvalds acknowledges that the 2.4.0 release probably has a few remaining bugs 
but that “things don't get better from having the same people test it over and over again. In short, 
2.4.0 is out there.” The 2.4 kernel series brings improvements in USB support, Symmetric Multi-Pro¬ 
cessing, a new firewall system, addresses up to 64 GB of memory and many other improvements. 

While the 2.4 Linux kernel is officially gearing up, the 2.0 series is winding down. Maintainer Jerry 
Weinehall announced a “final” update to that series on January 9, making the final version 2.0.39. 
http: //www. kernel. org 


IBM is introducing a toolkit that will let Linux developers use fa¬ 
miliar tools to develop programs that run on AIX. The toolkit in¬ 
cludes GNOME, KDE, many GNU development tools, popular libra¬ 
ries, and system utilities. Developers will be able to work with C, 
Guile, Python, and several other languages. The AIX toolkit will also 
allow developers to utilize package management with RPM. 

IBM also proclaimed that both AIX and Linux would be more 
compatible with the release of AIX 5L. That release will incorpo¬ 
rate Linux compatible APIs __ _ ' ■ 

and header files, which will ; 

allow most Linux applications 

to be compiled as-is and run ^ 

on AIX. http://www-.ihm. r~~ ‘fer 

com/serv.ers/aix/products/ 1 gr i " 

aixos/linux | nrrrzi. 


You could almost say that the growth of PHP 

has been dynamic. PHP is now being used on 

more than 5 million domains, according to 

the PHP Group. PHP is 

currently growing at a v | |g|j §g 

rate of 15 percent 

per month, faster 

than the growth rate V J 

of the Web itself. 

The number comes 
from the Netcraft survey of 
Web servers which showed that PHP passed 
the 5.1 million mark in January. 

PHP was developed in 1995 by Rasmus Ler- 
dorf and has become increasingly popular in 
the last few years, http://wwav.php.net 


IBM is introducing a toolkit that will let Linux developers u 
miliar tools to develop programs that run on AIX. The tool! 
eludes GNOME, KDE, many GNU development tools, popular 
ries, and system utilities. Developers will be able to work w 
Guile, Python, and several other languages. The AIX toolkit wl 
allow developers to utilize package management with RPM 
IBM also proclaimed that both AIX and Linux would be 
compatible with the release of AIX 5L. That release will inc 

rate Linux compatible APIs __ _ ' ' ■ 

and header files, which will — - 

allow most Linux applications 

to be compiled as-is and run ^ 

on AIX. http://www-.ihm. r~~ 

co m /servers/a i x / p rod acts/ j gr. , z:;r 


They don't have golden arches, but they can still brag about their numbers served. Since 
SourceForge was launched in January of 2000 more than 100,000 users have registered for 
open source eve opmen ne or w p at pk e iy the world’s largest Open Source Application Service Provider (ASP). Source- 

Forge experienced a growth rate of 30 percent per month throughout 2000 and now hosts an impressive ros¬ 
ter of more than 13,000 Open Source projects including MySQL, TcL, Python, XFree86, and Squid. 

SourceForge provides hosting, mailing lists, CVS and other services for 
Open Source developers and is a part of the Open Source Developers’ 

Network, owned by VA Linux Systems, http://www.sourceforge.net 
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National Security Agency Shares Linux Enhancements 


The National Security Agency (NSA) has chosen Linux as the operating system architecture it will use 
to build a secure computing environment, and has released a set of security enhancements for the 
Linux kernel. The enhancements have been released under the GPL and include role-based access con¬ 


trol and type enforcement, which deter¬ 
mines how users are allowed access to pro¬ 
grams or domains. 



The enhancements are being made by 


the Information Assurance Research Office of the NSA in conjunction with NAI Labs, the Secure Com¬ 
puting Corporation and the MITRE corporation. The public is invited to participate in the project, and 
the NSA is making mailing lists and documentation available along with their security code. 

The NSA is responsible for the protection of U.S. information systems, and for procuring foreign 
intelligence information, http://www.nsa.gov/selmux 




Word came from Slashdot first. On January 
12, an e-mail reportedly sent to Turbolinux 
staff by Paul Thomas indicated that a Letter 
of Intent to merge had been signed by both 
Turbolinux and Linuxcare. Thomas 


The stock market that was once so bullish on Linux has recent¬ 
ly become a bear. Embedded Linux supplier Lineo filed for an 
IPO in May of 2000, but is now backing out. 


Lineo, which specializes in embedded Linux for set top boxes 
and other devices, does not plan to layoff any of its more than 
300 employees. According to Bryan Sparks, the Chief Executive 
of Lineo, the company is still growing, but the condition of the 
Nasdaq led the company to pull the IPO for now. 


is the CEO, President, and Director 
of Turbolinux. 


turbolinux 


According to C|Net, the talks were 
confirmed by both companies. 


Powerful Thinking. 


Thomas will most likely lead the resulting 
company, and Turbolinux will keep its board 
members and add some from Linuxcare. 


According to the company’s press release/continuing the IPO 
process would allow competitors access to financial information 
and business plans as well as "incur unnecessary expense.” Ra¬ 
ther than continuing to file sensitive information, Lineo request¬ 
ed that the .5-1 filing with the SEC be withdrawn. 


Both companies have filed for IPOs, though 
Linuxcare postponed theirs after the depar¬ 
ture of CEO Fernand Sarrat. Both companies 
have also had to lay off staff, and if the com¬ 
panies merge, there may be further layoffs. 
http://www.tiirbolinux.com, http://www. 
linuxcare.com 


http: //■www. lineo .com | 
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Unlike the US Presidential Election, the most cracked server platform race had a clear winner \ x 
right away —- and it was Windows NT. Attrition.org reports that Windows NT was the most com- ' 
promised Web platform between August 1999 and December 1999 with 56 percent of reported 

defacements. While Windows NT led the hall of shame, Linux came in a distant 
lyMi second with all Linux distributions totaling 21 percent of the total. Solaris hosted 
mm I, 8 percent of the cracked sites between August and December. All of the BSD fla¬ 
vors together totaled only 6 percent of the cracked Web sites. 

Operating System results were derived from querying the site at the time of the 
compromise with nmap tools and NetCraft. Red Hat Linux came in first among Linux distributions with 
just over seven percent of defacements, while "unknown” Linux distributions accounted for a little more 
than twelve percent of cracked boxes. Statistics were compiled by Attrition.org and are available at the 
Attrition.org Web site at http://v:/wvv.ati!ltion.()rg/mirror/at!ritioii/osJitmL 
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The real genius lies in what you do with it. 


















































ThinkPad: Linux To Go 


ma 


Rating: 


A /\ /\ /\ f\ 


Pros: 

Huge, beautiful 1400x1050 display 
No problems with Red Hat 7 out of 
the box 

Affordable compared to other 
“desktop replacement” notebooks 


Cons: 

► IBM doesn’t 
mention or 
support Linux 
on this model 

> Too large 
and heavy to 
use on an 
airplane 


Specifications 

CPU 

>- 700 MHz Intel Pentium III processor 

RAM 

>► 384 MB RAM 

Hard Drive Space 

>-18 GB hard disk 

Extras 

>- 6x DVD-ROM drive 

> Three-year warranty 

Additional Resources 

> http://www.zhlive.ch/zhl_ 
contents_linux.html 

> http://www.linuxcare.com/labs/ 
certs/pada20p-suse64.epl 

> http://www.cs.utexas.edu/ 
usersAharker/linux-laptop 



By Alan Zeichick 

BM’s high-powered ThinkPad A20p 
notebook blurs the lines between 
portable computers and desktop 
PCs. Based on a 700 MHz Intel Pen¬ 
tium III processor with an 18 GB 
hard disk, complete with a huge 15- 
inch 1400xl050-pixel screen, this 
notebook can hold its own against 
most desktop systems. 

However, at nearly eight pounds, it’s 
too heavy a notebook to carry 
around and too large to fit on 
an airplane tray table or balance 
on your lap. Think of the Think¬ 
Pad A20p notebook as a desktop 
system with the ability to be 
hauled home, carried to a field 
office, or lugged to a hotel room 
whenever it is necessary. 

Running Linux 

The system reviewed came equipped 
with a 6x DVD-ROM drive, 384 MB 
RAM, and Windows 2000 Profession¬ 
al (go figure). IBM’s support Web site 
for this ThinkPad provided no infor¬ 
mation about upgrading to Linux; Lin¬ 
ux isn’t even mentioned in a separate 
“compatibility matrix” document on 
the IBM site. Thus, we thought Linux 
wouldn’t support all of the notebook’s 
special hardware. We also expected 
the SVGA+ display panel and Crystal 
Semiconductor sound chip to give us 
problems. 

Fortunately, none of these technol¬ 
ogies provided a challenge for Red 
Hat Linux 7.0. Our only problem was 
a crash when Xconfigurator attempt¬ 
ed to probe the 16 MB ATI Rage Mo- 
bility-M3 graphics chip; however, it 
installed fine on a second try without 
the probe, the GNOME desktop ap¬ 
pearing automatically in an expand¬ 
ed, somewhat fuzzy 800x600 mode. 
Surprisingly, re-running Xconfigura¬ 
tor and searching through the screen 


types revealed a 1400x1050 display 
option. When we tried it, the screen lit 
up in full resolution, which is excel¬ 
lent for Web surfing or having multi¬ 
ple windows open at once. 

Our initial concerns about the audio 
system were also unjustified; the 
sound coming from the two stereo 
speakers was tinny but clear, even 
when playing a CD-Audio disk. Red 
Hat 7’s drivers also detected and cor¬ 
rectly installed the DVD player, built- 
in 10/100 Ethernet card, and V.90 mo¬ 
dem. GNOME’S battery meter worked 
with the ThinkPad’s battery manage¬ 
ment and accurately reported the per¬ 
centage of charge in the Li-Ion bat¬ 
tery and predicted how much runtime 
remained. 

Power and Speed 

Once up and running, the ThinkPad 
was a joy to operate. Not only does 
its screen best most 17-inch monitors 
in brightness and resolution, but the 
computer’s blinding speed, storage ca¬ 
pacity, and full array of ports makes it 
the equal of all but the latest GHz 
desktops. In addition, having an on¬ 
board Ethernet connector is prefer¬ 
able to having to add a separate 
PCMCIA- or USB-based NIC. We also 
found the eraser-shaped “TrackPoint” 
mouse and smooth keyboard perfect 
for professional writers. 

No Respect 

Still, considering how much work the 
open-source community has done to 
provide drivers for ThinkPad hard¬ 
ware, it would be nice if IBM ack¬ 
nowledged their effort and provided 
some technical notes or at least listed 
Linux on its “compatibility matrix” for 
this computer. But forget about IBM’s 
obligatory “Built for Windows” stick¬ 
ers — this is one classy notebook that 
runs Linux with style. Ill 
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VERTTAS NetBackup™^>r Linux 

Conquer Linux backup 


VERITAS NetBackup for Linux. The Value of Leadership. 

The #1 provider of backup solutions in America is the natural choice for your Linux environment. With NetBackup for 
Linux, VERITAS offers a true enterprise-level backup and recovery solution. It’s advanced, yet intuitive and easy to use; 
comprehensive, yet remarkably affordable. Then consider the proven performance, scalability and VERITAS quality 
support, and it’s clear that NetBackup for Linux delivers value you thought was beyond your reach. 

For more information on VERITAS NetBackup for Linux, visit www.veritas.com/linuxbackup. 


VERITAS 


BUSINESS WITHOUT INTERRUPTION " 1 







$6,000—S6,500 

http://www.sgi.com/workstations/330 


SGI 330 Packs a Punch 


In a Nutshell 



Pros: 

^ Unparalleled 3D graphics 
performance for the price 

> No-nonsense driver and graphics 
library configuration with the 
supplied SGI Linux Pro Pack 

^ Supports multiple distros 

Cons: 

^ Pricey 

> Limited off-the-shelf Linux OpenGL 
applications 

^ Pro Pack only supports older Linux 
distributions at this time 


By Jason Perlow 


F or many years, SGI (formerly 
Silicon Graphics Inc.) basically 
owned the high-end workstation 
market for systems used to cre¬ 
ate Hollywood-style Computer 
Generated Imagery (CGI) and highly 
complex scientific simulations and 
modeling. If a movie special effect 
ever made you ask “How’d they do 
that?”, chances are good it was done 
on an SGI machine. 

SGI has gone through many trials 
and tribulations over the last few 
years, mainly because their lightning- 
fast, ultra-proprietary MIPS RISC 
graphics powerhouses were so prohib¬ 
itively expensive to purchase and sup¬ 
port that nobody could afford them, 
thus affecting SGFs bottom line. 



CPU 

> Dual 1 GHz processors 

RAM 

> 512 MB RAM 

Hard Drive Space 

> 18.2 GB SCSI hard disk 

Graphics 

> VR7 graphics processor 


More Baiig for the Buck 

After numerous dips in stock price, 
profit warnings, reorganizations, and 
executive departures, SGI has re¬ 
worked their product line to con¬ 
tain more modest computer work¬ 
station and server offerings. Their 
product line is now composed 
mostly of commodity hardware 
components and 
runs on Intel chips 
and PC-based OSes, 
such as Windows NT and 
Linux. Basically, their machines no 
longer cost both an arm and a leg. 

SGI’s latest offering, the 330 Series 
Visual Workstation, combines their 
expertise in the high-performance 
workstation market with more afford¬ 
able off-the-shelf components, albeit 
on the high end of “off-the-shelf.” Our 
test unit boasted twin 1 GHz Pentium 
III processors, 512 MB of 133 MHz 
ECC SDRAM, an onboard 16-bit 
sound chip, onboard Intel Pro 10/100 
Ethernet and embedded twin-chan¬ 
nel Adaptec 7899 Ultra-160 SCSI, with 


a Seagate 18.2 Ultra 160 10,000 RPM 
SCSI drive. 


Pumped Up 


To call the 330 a PC on steroids would 
be a serious oversimplification; this 
machine has been optimized for pro¬ 
ducing lightning-fast, super high-res¬ 
olution 3D graphics, with no com¬ 
promise. The onboard 64 MB DDR 
(Double Data Rate) SDRAM 4x AGP 
graphics card, branded as the VPro 
VR7, is a highly tweaked version of 
the nVIDIA high-end Quadro2 Pro 3D 
graphics processor. It takes full ad¬ 
vantage of SGFs OpenGL 1.2 3D 
graphics library and is capable of 
pumping out more than 31 million 
triangles per second and up to 1 Giga- 
pixels per second. This is the type of 
performance you would expect from 
a machine being used to design vivid 
space battles in the next Star Wars 
movie. 

The SGI 330 is not just the latest 
and greatest in buzzword graphics 
and PC hardware however. To pull it 
all together, the 330 runs an extreme¬ 
ly tweaked Red Hat 6.2, Turbolinux 
6.0, or SuSE 6.4 (support for other 
distributions and newer Linux ver¬ 
sions is coming soon). We performed 
the installation by first installing the 
base-level Red Hat 6.2 and then the 
SGI Linux Pro Pack 1.3 for Visual 
Workstations. 

Installation and Setup 

The Pro Pack is an entire CD filled 
with SGFs fully compliant OpenGL 
libraries, graphics drivers, XFree86 
4.x, a tweaked SMP kernel, and OSS 
sound drivers. Fortunately, installa¬ 
tion was much simpler that on a typ¬ 
ical Linux system. There was no has¬ 
sling with RPMs or installing pack¬ 
ages manually. Just mount the CD, 
and a simple shell script installs every- 
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thing for you. One reboot later and 
voila! You’ve got an instant 3D graph¬ 
ics powerhouse. We wish other big- 
name PC workstation manufacturers, 
with their so-called Linux-certified 
systems, would take the care that SGI 
does by providing an easy way to get 
all the drivers you need up and run¬ 
ning. SGI clearly knows what they’re 
doing when it comes to Linux. 

To test the Visual Workstation, we 
used SPEC’s (http://www.spec.org) 
ViewPerf graphics benchmark and 
the included SGI 3D demos. We were 
stunned with the fluidity and speed 
of the animated 3D models at such 
high resolutions (1600x1200) and 
deep color depths (24 and 32-bit). 
Performance figures varied greatly de¬ 
pending on what resolution and color 
depth we used, but we were very 
pleased with how well this unit com¬ 
pared with other manufacturers in 
the $6,500 (and higher) price range, 
given existing scores of graphics work¬ 
stations that are currently disclosed 
by SPEC. 


However, we were unable to see 
any evidence of performance improve¬ 
ment when we ran the benchmark 
using both Pentium III processors. 
This was probably because the bench¬ 
mark does not completely exploit mul¬ 
tiprocessors on Linux 2.2.x systems. 
We expect this SMP performance is¬ 
sue to clear up considerably when the 
2.4.x kernel-based distributions arrive 
in the second or third quarter of 2001. 

Benchmarks aside, unless you roll 
your own OpenGL applications in a 
scientific environment or are perverse 
enough to use a $6,500 graphics work¬ 
station for playing Quake, there are 
few off-the-shelf OpenGL applications 
capable of exploiting this hardware. 
If you want to give it a shot. Blender 
(http://www.blender.nl, reviewed in 
the June 2000 issue of Linux Maga¬ 
zine and available http://www.lmux- 
mag.com/2000-06/pr__blender_ 
01.html) and a couple of others can 
be found on Freshmeat (http://fresh- 
meat.net/appindex/Xll/Modelling, 
html). 


Much of this will change, however, 
when SGI’s Alias/Wavefront subsidi¬ 
ary (http://www.aliaswavefront.com) 
releases the Linux version of MAYA 
3.0, the entertainment industry 3D 
graphics workhorse, currently in late 
beta, in the second quarter of 2001. 
Avid Technology is currently porting 
Softimage’s (http://www.softim.age. 
com) next-generation 3D graphics an¬ 
imation suite, codenamed “Sumatra,” 
to Linux and has already released ver¬ 
sion 4.4 of their TOONZ 2D cell ani¬ 
mation packages for Linux. 

The list Herd 

In terms of hardware and software 
integration, the SGI 330 is a shining 
example of what every Linux-com¬ 
pliant PC workstation vendor should 
supply. However, in this case, stellar 
Linux integration carries a hefty price 
tag. Still, those of us on the bottom 
of the food chain, with our roll-your- 
own white-box Linux PCs, can always 
dream of graphics nirvana. II 


Console Management Over Telnet! 


Access Network Serial Console Ports... Fr 


fhere! 


The CMS-16 Console Management Switch provides 
secure, in-band and/or out-of-band access to RS232 
console ports and maintenance ports on UNIX servers, 
routers, and other network equipment. System admin¬ 
istrators can access remote devices in order to change 
configuration parameters, connect users to restricted 
ports, collect buffered data, and perform a variety of 
other control related functions. 
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AC or 48V 
DC Power 


lOBase-T 
Ethernet Interface 



RS-232 Ports 


19" or 23” Rack 
Mounted 


✓ Sixteen (16) RS232 DB9 Serial Ports 

✓ lOBase-T Ethernet Port 

✓ TCP/IP Security Features 

✓ Port-Specific Password Protection 


✓ Non-Connect Port Buffering 

✓ Modem Auto-Setup Command Strings 

✓ Co-location Features 

✓ AC and 48V DC Powered Models 


Visit website for complete NetReach™ product line . 

(800) 854-7226 * www.wti.tom 
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Save Code with Perforce 


REVIEWS 

Perforce Software’s Perforce $600 
http://www.perforce.com 


to a Nutshell 



Pros: 

Excellent client GUIs 


► Powerful server with many 
administrative commands 

► Source code control is mandatory 
in complex development 
environments 

► Great customer support 

Cons: 

► You’ll probably need their customer 
support to get started 
On-line-only documentation irritating 

^ Mandatory per-client configuration 
is somewhat complex 


Related Resources 

Configuration Management Today: 

> http://www.cmtoday.com 

Institute of Configuration 
Management 

> http://www.icmhq.com 

Newsgroup 

> news://comp.software.config-mgmt 

Open Source Version 
Control Software 

> http://www.cvshome.org 


By Bill von Hagen 

f you’ve ever been involved in a 
programming project that required 
many developers to work together 
without the aid of a source code 
. control system, you’ve probably ex¬ 
perienced the joy of having someone 
overwrite some part of the code you 
were working on. If this has ever hap¬ 
pened to you, you probably now re¬ 
fuse to write code without a source 
code control package and a loaded 
pistol by your side. Perforce is an ex¬ 
cellent example of the former; for the 
latter, see the discussion of the mod_ 
auth_smith_and_wesson PAM mod¬ 
ule elsewhere in this issue. 

Gantrolling Code 

Source code control sys¬ 
tems (SCCS) keep track of 
changes to a code base, pre¬ 
venting other developers 
from stepping all over your 
code. Through “merging,” 
SCCS can also make it rela¬ 
tively easy to blend together 
multiple changes made to a 
code base by multiple peo¬ 
ple without losing anyone’s 
contributions. 

Perforce is a client/server 
source code control system 
that runs on a large num¬ 
ber of platforms. The server typically 
is where the code store “lives.” Cli¬ 
ents typically modify only local copies 
“checked out” from the server. Per¬ 
force provides Graphical User Inter¬ 
face (GUI) clients for operating sys¬ 
tems such as Windows and Mac OS, 
and offers an excellent browser-based 
client called p4web for all other plat¬ 
forms (including Linux). 

Once you get it working, Perforce is 
a great piece of software. Unfortunate¬ 
ly, that can take a while. The docu¬ 
mentation is well-written but hides 


some easy getting-started instructions 
in obscure places (such as within the 
demonstration program documenta¬ 
tion). Luckily, Perforce’s customer sup¬ 
port is top-notch and patient, no mat¬ 
ter how many silly questions you ask 
(and we asked a lot). 

Unfortunately, while the documen¬ 
tation itself was very good, it is only 
available online, which proved to be 
extremely irritating. While this may 
make it possible for software compa¬ 
nies to update documentation right 
up to the last minute, we don’t have 
to like it. 

Superior Features 

As you might expect with Linux, Per¬ 
force faces stiff competition from an 
excellent piece of free software called 
CVS (Concurrent Versioning System), 
which can be compiled on almost any 
operating system. However, while CVS 
includes much to recommend it, Per¬ 
force definitely earns the money they 
charge. Perforce’s client GUIs are ex¬ 
cellent, providing nice hierarchical 
views of modified files and directo¬ 
ries. CVS has free GUIs that make it 
easy to work with, but they can’t 
touch Perforce’s years of dedicated 
GUI enhancements. 

In addition to having fancy GUIs, 
Perforce has phenomenal technical 
support. If you’re a software develop¬ 
er, you’ll be up against a tight dead¬ 
line at some point, and something 
will go wrong with your source code 
control system. It’s just the nature of 
the beast. Perforce may be fairly ex¬ 
pensive (especially compared to a 
product that’s free), but you can call 
them when you have a problem; a 
patient, pleasant person will help dig 
you out of the hole you’re in. 

If your company’s future is resting 
on the successful release of a new 
product, the kind of service that Per¬ 
force provides is priceless. UN 



Imt tfe FMfme* With this SCCS you can hack away 
without fearing someone else will overwrite the work. 
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Microway Delivers Custom Linux 
Workstations and Beowulf Clusters 
for Linux Professionals! 


Which Solution is Right for You? 

• 833 MHz Dual Alpha 

• 500 MHz - 1 GHz Pentium III or Quad Xeon 

• 500 MHz — 1 GHz Dual or Single Athlon 

• Beowulf Cluster 

Distributed Memory Parallel Processing 

• Myrinet Gigabit Ethernet or Dolphin Wulfkit 
High Speed, Low Latency Backplanes 

• RAID 

I I Satisfied customers have purchased Microway products since 1982, Our cost effective Linux 

solutions have been chosen by universities, government research labs and ISPs worldwide 
since 1996. Over the years Microway brand systems have become famous for their quality and 
price/performance. Simultaneously, our Technical Support staff earned a reputation as one of 
the best in the industry. This means you can count on our experience to 
configure a UNIX or Linux workstation or Linux Beowulf cluster solution that is ideally suited 
to your specific problem. This is why Microway was chosen by Los Alamos National 
Laboratory to maintain and upgrade their 144-node Alpha Avalon cluster. It is __ * 

also why both the University of Wisconsin and Rockefeller University chose jMR 

Microway to build their 100-node dual Pentium III clusters. In addition to ^ 
being an Intel Product Developer and AMD Athlon OEM, Microway is Alpha Processor, Inc/s 
Top North American Channel Partner. 

"To find a successful supplier of Linux solutions there are three things that you should 
know: One, the supplier must be proficient in Linux, a master of understanding Linux's 
superiorities; Two, the supplier must have a clear passion for hardware technology; Three, 
if you found a supplier that knows both Linux and understands hardware 
solutions, congratulations you have found Microway! When it comes to Linux and high 
performance, there's only one way, and that's Microway!" 

— Bruce Faust, founder of DigitalScape and Carrera Computers 

Microway custom configures Linux, NT and UNIX workstations, clusters and servers plus state 
of the art RAID systems. If you need a quality product that is fine tuned and built to last, from 
a company that will be around to support you for years to come, Microway is 

The Number One Choice. 

Find out why over 75% of Microway's sales come from 
repeat customers. Please call 508-746-7341 for a technical 
salesperson who speaks your language! 

Visit us at microway.com g 


Microway Screamer™ 
Dual Alpha UP2000+ 
833 MHz, 8MB Cache in RuggedRadk™ 
Chassis with Redundant Power Supply 


Microway Scalable, 18 Node 
36 Processor, Dual Pentium ill 
Beowulf Cluster with Myrinet and MPI 


Research Park Box 79, Kingston, MA 02364 
508-746-7341 • info@microway.com 















































































Beginning PHP4, 800 pgs $39.99 

Publisher: Wrox 
http://www.wrox.com 

Authors: Wankyu Choi, Allan Kent, 
Chris Lea, Ganesh Prasad, 

Chris Ullman, with Jon Blank and 
Sean Cazzell 

ISBN: 1-861003-73-0 


learn How to Speak PHP 


In a Nutsheg 


The Home for PHP: 

> http://www.php.net 

Forums, Community, and Links: 

> http://www.phpbuilder.com 

The Development Home for PHP: 

> http://www.zend.com 

Lotssa PHP Code: 

> http://www.phpioneers.com/ 


Overall, the book is well written and 
easy to follow. The book’s organiza¬ 
tion is a little confusing, though. Sim¬ 
ple concepts like handling e-mail are 
towards the back of the book after 
more complicated chapters such as 
ones on working with MySQL or error 
handling. The book contains two dif¬ 
ferent chapters on working with cli¬ 
ents (browsers), but they are six chap¬ 
ters apart. However, that’s really a mi¬ 
nor issue since computer books are 
not usually read front-to-back. The 
PHP language reference is also help¬ 
ful, though a bit terse. Since many of 
the functions are not demonstrated 
in the book, it would have been use¬ 
ful if the authors explained their usage 
more completely. 

Difficult Concepts Made Easy 

Beginning PHP4 really shines when it 
comes to pulling concepts together. It 
does so particularly well in the “Case 
Study” chapter. For example, chapter 
17 walks the reader through PHP to 
create a Yahoo!-like directory that can 
be dynamically updated and edited. 
This is a great example tying togeth¬ 
er earlier material on using PHP func¬ 
tions and working with a MySQL da¬ 
tabase. It would have been nice to 
see at least one more case study chap¬ 
ter like this one. We would have par¬ 
ticularly liked to see an example that 
illustrates how to work with the ses¬ 
sion tracking functions of PHP. In 
fairness, however, that may be beyond 
the scope of a beginner’s book. 

In short, we recommend this book 
to anyone who wants to get started 
with PHP4. It’s not going to be the 
only book you’ll ever need, but it’s a 
very good starting place. While read¬ 
ers who are already familiar with PHP 
might want to look for a more ad¬ 
vanced book, odds are they’ll still find 
some helpful information in Beginn¬ 
ing php 4. m 


Related Resources 


By Joe “Zonker” Brockmeier 


H aving passed the 5.1 million Web 
site mark in December, it’s pret¬ 
ty clear that PHP is catching on 
in a big way. If you’re a Web de¬ 
veloper who is still unfamiliar 
with PHP, it’s time to learn, and Be¬ 
ginning PHP4 is a good place to start. 

The authors of this book do not 
assume that the reader is a master pro¬ 
grammer who just happens to be get¬ 
ting started with PHP. They cover the 
fundamentals of programming — bas¬ 
ic concepts like variables, loops, and 
arrays — in a way that most begin¬ 
ners will find easy to understand The 
authors, however, do expect the read¬ 
er to know a bit about HTML, but 
just about anyone interested in PHP 
will probably have a basic grasp 
of HTML anyway. 


Learning to Program 


The authors of this book are 
very thorough, taking the reader 
through installation of PHP4 on 
various Windows platforms, Lin¬ 
ux, and other Unices. From there, 
the authors dive right into demon¬ 
strating how to write simple pro¬ 
grams with PHP and then pro¬ 
gress into some more complicat¬ 
ed concepts, such as accessing 
MySQL databases from PHP code 
and using PHP to create graphics. 
In the “Generating Graphics” 
chapter, the authors do a particularly 
good job of breaking down a very 
complex subject and making it easy 
to follow. Whether the beginner to 
PHP is ready to tackle manufacturing 
graphics on the fly is another ques¬ 
tion, but they can always skip this 
chapter. It would have been benefi¬ 
cial to have a chapter on working with 
databases other than MySQL. PHP 
works with PostgreSQL, Oracle, 
mSQL, and several other databases. 


> Great book for beginners 

> Covers basics well 

> Practical subject matter 


Con: 

> 
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Dual channel Ultra 160/m SCSI and Dual 
NICs for high availability and load balancing 


Dual-socket 370 Intel Pentium III 
Coppermine processors for speeds 
up tolGHz 




"Transmeta Corporation is proud to have our Linux/Windows-based compi 
provided by ASL. Their commitment to quality and proven track record is excell 

- Ray J. Borg, Mgr. IT 


3 hot-swappable SCA-2 drives plus 
CD-Rom and optional floppy 


Optimized 25° Angled DIMM, 
supporting high density memory 


High-speed chassis blower/cooler, 
copper heat sink for optimal cooling 


p-m. 
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Internet 
Infrastructure 



ReDefining Linux Performance 


POWERFUL. 
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1-87 


RELIABLE. EXCEPTIONAL. 
aslab.com 
7-ASL-3535 


Copyright © 2000 ASL Incorporated. Linux is a registered trademark of Linus Torvalds. Intel, Pentium and Coppermine are property of Intel Corporation. Windows is 
the property of Microsoft Corporation. All product names are the trade marked, registered trade marked or service marked property of their respective companies. 


LANCELOT 

1200 

There is a lot more rackmount here 
than meets the eye. Our slim form 
factor and advanced thermal cooling 
means the Lancelot 1200 takes a 
whole lot less space to do a whole 
lot more work. In fact, the Lancelot 
1200 doubles data bandwidth to 
provide you with high availability for 
your high-traffic Web-server 
applications. Lightning fast, the 
Lancelot 1200 outperforms every 
other 1U rackmount on the market 
today. Available with a 4GB 
high-capacity memory, this is the one 
rackmount that can handle any size 
application. Preconfigured with 
Mandrake or Redhat Linux OS, the 
Lancelot 1200 comes ready to take 
on the world for you. Count on the 
Lancelot 1200 to champion your 
business: B2B, to ISP, enterprise 
networking to e-commerce. 







Sick of Crashing? 



Build Your 
Three-Tier 

Internet 

Infrastructure 


with 


_Penguin 
Computing 

The World's Most Reliable Linux Systems 


www.penguincomputing.com 
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Web Server 

Colocation facilities are expensive, so your Web servers must have exceptional computing performance to handle 
large amounts of incoming traffic - yet be slim enough so you can stack multiple units in a rack. With 
enough nodes to accommodate the current demands of your site, and a slim 1U form factor, Penguin 
Computing's Relion 120 is the most powerful, flexible and scalable 1U rackmount server in the industry. 


Relion 120 


1 


Slim 1U (1.75") form factor 
Up to two Intel® Pentium® III 
Coppermine processors at up to 933 MHz 
Up to 4 GB of PCI 33 memory (4 DIMM slots) 
Two integrated Ethernet ports 
Integrated Adaptec Ultra 160 SCSI controller 
Two 3.5" hot-swap 1" SCA LVD drive bays 


Application Server 

To run your complex business-specific applications like BEA WebLogic Server™, your application servers 
must have fast processors and large amounts of RAM. To remain in operation, your application servers must 
also be outfitted with a variety of hardware-based redundant features. Penguin Computing's Relion 220 
server is designed specifically for these mission-critical application processes. 

Relion 220 *211(3.5") form factor 

Up to two Intel® Pentium® III Coppermine 

processors at up to 933 MHz 

Up to 4 GB of PCI33 Memory (4 DIMM slots) 

- f Two available PCI slots (two 64-bit) 

mm * Six 3.5" hot-swap 1" SCA LVD drive bays 

Up to two hot-swap power supplies 

Up to five Ethernet ports (gigabit optional) 


Database Server 

Database servers receive large numbers of requests. Programs such as Oracle8/™ that respond to these 
requests operate best with multiple fast processors, large amounts of RAM and high input / output 
capabilities. Store and protect your vital business data with Penguin Computing's Magnus 4500. 



4U (7") form factor 

Up to 4 Intel® Pentium® III Xeon™ 700 MHz 
processors with up to 2 MB of integrated L2 cache 
Up to 4 GB of PC100 memory (16 DIMM slots) 

Six PCI slots: two 64-bit/66 MHz, four 64/32-bit/ 

33 MHz 

Three 300W hot-plug redundant power supplies 
Four 3.5" hot-swap 1" SCA LVA Hard Drives A 

Virtually unlimited hard drive expandability using 
external storage units 



Buy on-line or call 415.358.2600 fax 415.358.2646 e-mail: sales@penuincomputing.com 
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The Truth About Text - Part III 


By Bill McCarty 

I ast month’s column introduced you 
to the venerable Unix editor vi. This 
month’s column describes several 
i of vi’s more advanced capabilities, 
I which set it apart from other edi¬ 
tors. By the end of this column you’ll 
know how to perform editing feats that 
are quite cumbersome without the 
help of vi. 

Editors Within Editors 

As explained in our previous Newbies 
column, vi is really two types of edi¬ 
tors in one. The older ex editor has 
been incorporated into vi, and any 
commands beginning with a colon 
(:) are passed to ex for execution. 

What wasn’t fully revealed last 
month, however, is that the ex editor, 
though older than the rest of vi, is 
capable of performing some pretty so¬ 
phisticated actions. Let’s begin by con¬ 


sidering Table One, which summarizes 
some important ex commands. 

In addition to the commands shown 
in Table One, ex handles several other 
important commands that were exam¬ 
ined in last month’s 
column, including the 
commands to write 
the current file and 
exit vi. 


lete a single line, issue the command: 


:xd 


where x is the number of the line that 


The set Command 


Deleting lines 

The previous Newbies 
column showed how 
you can delete the 
current line by issuing 
vi’s dd command. 
Using ex commands, 
you can delete a line 
other than the cur¬ 
rent one or delete a 
range of lines. To de- 


Table One: Selected ex Commands 


Command 


Description 


g /pa 11ern/command 

g!/ pattern/ 

m location 
r filename 

s/pattern/replacement/ 

t location 
! command 


Delete specified lines 

Execute specified command 
on lines containing pattern 

Execute specified command on 
lines not containing pattern 

Move lines to specified location 

Insert text from specified file 

Substitute instances of pattern 
with replacement 

Copy lines to specified location 

Execute a shell command 


The ex command set lets you enable and disable op¬ 
tions that control the operation of vi. The available options 
vary somewhat from one version of vi to another. Table 
Two, pg. 26, summarizes several of the most common and 
popular options. To view the currently enabled options, 
issue the command: 

: : set 

As an example, you can enable line numbering by issuing 
the command: 

:set number 

Most versions of vi let you abbreviate the name of an option. 
Thus, you can enable line numbering by issuing the follow¬ 
ing command, which is equivalent to that given previously: 

:set nu 

To turn off an option, prefix the name of the option with no. 
For example, to turn off line numbers, issue the command: 

:set nonumber 

Some set commands require a parameter; you can rec¬ 
ognize these by the presence of an equals sign (=) in Table 
Two. What kind of command would require a parameter? 
Well, let’s look at the tab character as an example. The 
tab advances the curser by a given number of spaces. 
You can use set to set the number of spaces associated 
with a tab character to four by issuing the command: 

:set tabstop=4 
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When NETWORK APPLIANCE Users Switch 
To RAIDZONE OpenNAS, How Do They Spend 
Their Savings ... Cars? Yachts? Trips? 


RAIDZONE OpenNAS 1TB $22,650 

Mercedes SLK320 $40,100 

Vancouver 32 Yacht $62,000 

QE2 104-day World Cruise $57,600 


Network Appliance F760 

1 TB 

$ 205,945 


$ 182,350 


Say you need a Terabyte of fast, reliable network storage for 
Windows or NFS. You could buy the NetApp 760 and be quite 
satisfied. Or, you could buy the RAIDZONE OpenNAS RS2000L, 
the Mercedes SLK320, the 32- 
foot sailboat, and the 104-day 
round-the-world cruise (in a 
deluxe outside cabin), and 
still have $23,000 left over. 

Which would be more than 
enough to buy a second TB 
of reliable RAIDZONE storage 
for your travel videos. 

Come on people, this isn’t 

rocket science. When you 
choose a RAIDZONE storage 
solution, you join our customer 
list alongside Boeing, Lockheed 
Martin, Motorola, Conexant, 

Palm Inc., Cisco Systems, The 
Dana-Farber Cancer Institute, 

Baylor College of Medicine, 

Komatsu Mining Systems, and 
hundreds of others. 


RAIDZONE OpenNAS 
RS2000L File Server 
$22,650 

15 hot-swappable, 80 GB Ultra 
ATA/100 drives 

RAIDZONE disk array, with hot 
spare, hot swap, RAID 5 and 
on-the-fly rebuild 
Dual high performance 933 MHz 
Pentium III CPUs. 256MB RAM 
Gigabit & 100MBit NICs installed 
Complete browser-based remote 
administration interface 
Supports NFS, Windows 
(SMB/CIFS) and Apple clients 
Includes full 1 year warranty, 
with 3 years on the disks 


Every one of these industry leaders has 
purchased a RAIDZONE OpenNAS 
storage solution. A few of them have 
already installed over 10 Terabytes of 
RAIDZONE storage, with more to come. 
Not surprisingly, none of them has had 
any problem deciding what to do with the 
large amounts of money they’ve saved. 

A full line of RAIDZONE OpenNAS file 
servers is available. If your storage needs 
are modest, you can choose the 200 GB, 
5-disk desktop cube. At the high end, we 
have a 45-disk, 3 Terabyte rackmount 
server with dual Gigabit Ethernet NICs. 
And every size in between. All designed 
so that you can get the amount of reliable, 
redundant storage you’ll need tomorrow 
at a price you can afford today. 


For more information, or to order 
online, please visit our Web site: 

www.raidzone.com 

or give us a call at: 

1-800-388-1896 


Trademarks/Owners: RAIDZONE and, OpenNAS/Consensys Computers Inc.; Network Appliance/Network Appliance, Inc.; Linux/Linus Torvalds; Windows/ Microsoft Corp.; Apple/Apple 
Computer, Inc. The information about Network Appliance price and features is from a quotation valid on November 9, 2000, and is subject to change at any time. 


























you want to delete. Be sure to type the 
colon, which signifies that you’re is¬ 
suing an ex command rather than an 
ordinary vi command. For example, 
to delete line 3, issue the following 
command: 

:3d 

At this point, you might be asking, 
“Great idea, but how am I supposed to 
know what line number I’m looking 
at?” It’s a very good question. The fact 
is that it’s much easier to use this and 
other ex commands if line numbering 
is enabled. If your configuration of vi 
does not display line numbers by 
default, see The set Command sidebar, 
pg. 24, to learn how to enable line 
numbering. 

Deleting a range of lines is not much 
more difficult than deleting a single 
line. To do so, issue the command: 

:x, yd 

where x is the number of the first line 
you want to delete, and y is the num¬ 
ber of the last line you want to delete. 
For example, to delete lines 1-25, is¬ 
sue the command: 

:1,25d 

The symbol $ stands for the last line 
of the current file. So rather than typ¬ 
ing in the line number, you can delete 
all lines by issuing the command: 

: 1 / $d 

The symbol % stands for 1, $, so you 


can issue this command even more 
conveniently as: 

:%d 

Copying and Moving Text 

The ex commands to copy and move 
text use a syntax similar to that of the 
d command. To copy a range of lines 
to a new location, issue an m com¬ 
mand as follows: 

:x,ymz 

where the range of lines to be copied 
is x, y, and the copied lines are to be 


inserted following line z. If you want 
to copy only a single line, you can spe¬ 
cify x without the comma and y. For 
example, if you wanted to copy lines 
1-5 and insert them after line 10, you 
would issue the following command: 

: 1,5ml0 

Similarly, to copy line 5 and insert 
it after line 10, issue the command: 

:5ml0 

To move lines rather than copy 
them, use the t command rather than 
the m command. You may find it help¬ 
ful to think of the t as standing for 
transfer. For example, to transfer lines 
1-5 to the line following line 10, issue 
the command: 

:1,5tl0 

Issuing ex Commands 

Most ex commands follow the same 
pattern as the d, m, and t commands. 
To see this pattern, refer to Figure One. 
As shown there, the typical ex com- 


Table ItoO: Common vi Options 


Option 


Description 


autoindent 

ignorecase 

number 

shif twidth=wi d th 

showmatch 

tabs top=spaces 

wrapsean 

wrapmargi n-width 


In insert mode, causes vi to automatically indent 
each line to align with the preceding line. 

Causes vi to ignore case when searching. 

Causes vi to display line numbers. 

Defines the width of columns used when autoin¬ 
dent is enabled. Also defines the operation of the 
shift (< and >) commands. 

Causes vi to briefly flash the matching ( or [ when 
the cursor moves over a ) or ]. 

Defines the number of spaces of indentation asso¬ 
ciated with a tab character. 

Causes vi to search from the beginning of the file 
when the end of the file is reached. 

Causes vi to automatically wrap lines that exceed 
the specified width. 
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ArkeicP... Data protection for 
the real world. 


With over 30,000 users 
worldwide and more than 150 
new companies choosing 
Arkeia® every month to 
protect their mission-critical 
data, Arkeia® is the de-facto 
standard for network backup 
with Linux. 

Visit our web site at 
www.arkeia.com and benefit 
from a free 30 day demo 
of the full Arkeia® 4.2 
Professional Version. 

A free version of Arkeia® is 
also available for home and 
small business use to 
protect data on one Linux 
server and two clients. 


" A year ago our goal was simple; we 
wanted one reliable, inexpensive, 
centralized backup solution capable of 
supporting all the different operating 
systems we used. The time we spent keeping 
track of all the different software and tapes 
for our operating systems, and the time it 
took for some of the software to locate and 
restore data was growing out of control. 

Our first decision was to use a Linux based server because of its 
robustness, reliability and cost-effectiveness. The next step was to find 
backup software that would run on Linux and allow us to back up 
the diverse OS's in our environment. After researching several software 
solutions, we ultimately chose Arkeia for the following reasons: 


• It is easy to install, configure and use. 

• The server side runs on Linux and can be controlled locally or 
remotely via X, Java, or command line interfaces simultaneously. 

• It supports all major operating systems in our environment. 

• The client side compression provides minimal impact on our network. 

• The multiflow capability allows several servers to be backed up 
simultaneously, thereby decreasing the backup window. 

• It supported the tape library we had at the time, and it allowed 
us to upgrade to the library we wanted, which added enterprise- 
level capabilities including barcode reading. 

• The way it creates tape segments to store the data on the tapes 
makes restoring quick and easy. 

• Each tape contains the source code necessary to restore the tape, 
no matter the situation. 

We have been using Arkeia for approximately a year and have been 

very satisfied. Arkeia has made the creation of a centralized backup 

server a breeze. The issue of having to manage multiple systems with 

different tapes for the different operating systems is no longer a concern. 9 


(version (tLg) nj )- 

arkeia 


When it comes to data protection, small and medium 
sized companies, as well as big companies, need 
fast, reliable and affordable software. 


Barry D. Trout 
Sr. Systems Administrator 
Giant Industries, Inc. 
Scottsdale, AZ 


©2000 All rights reserved. Arkeia is a registered trademark of Knox Software Corp. All other trademarks and tradenames are property of their respective owner. 


















mand has four parts, two of which are 
optional: 

> The colon, which signifies that the 
command is an ex command. 

> The range of lines that are the sub¬ 
ject of the command. If this part is 
omitted, the command operates on 
the current line. 

> The command itself. 

> The command options, which may 
be omitted. None of the ex com¬ 
mands described so far require any 
options. 

Substituting Text 

One of the most powerful ex com¬ 
mands is the s command, which sub¬ 


stitutes text. To replace the string hi 
with bye on the current line, issue the 
command: 

:s/hi/bye/ 

If you want to perform this substi¬ 
tution over a range of lines, simply spe¬ 
cify the desired range. For example, to 
perform the substitution over lines 1- 
100, issue the command: 

: l, 100s/hi/bye/ 

The s command supports two espe¬ 
cially useful options. By default, the s 
command moves to the next line 
whenever it replaces text. Thus, a sec¬ 
ond or subsequent occurrence of the 
pattern in the same line is ignored. To 
specify that the command should look 
for multiple occurrences of the pattern 


Table Three: Important Regular Expression Characters 

Character Meaning 

Matches any single character. 

* Specifies that the preceding expression is optional and 

need not be matched. Moreover, the expression can be 
matched indefinitely many times. 

Specifies that the character x is understood as an ordi¬ 
nary character, even if it is a metacharacter. 

Specifies a list of characters, any one of which can be 
used in matching. For example, the expression 
[0123456789] matches any digit. 

Specifies a range of characters, any one of which can 
be used in matching. For example, the expression [0- 
9 ] matches any digit. 

Used to specify multiple ranges of characters, any one 
of which can be used in matching. For example, the ex¬ 
pression [a-z0-9] matches any lowercase letter or 
digit. 

Matches the specified pattern when it occurs as the 
beginning of a word 

Matches the specified pattern when it occurs as the end 
of a word 

Matches the beginning of the line 
Matches the end of the line 


\x 

| list] 

- [range] 

[rangerange] 

\<pat tern 

\>pattern 


on each line, use the g option. For ex¬ 
ample, the following command will re¬ 
place all occurrences of hi with bye 
throughout the current file: 

:%s/hi/bye/g 

Another useful option is c, which 
causes vi to prompt for confirmation 
before performing a substitution. 

The full power of ex becomes appa¬ 
rent when you learn that regular ex¬ 
pressions can appear in the pattern and 
replacement text of the s command. 
Table Three summarizes some impor¬ 
tant regular expression characters that 
we looked at in the first part of this 
series. 

To see what’s possible by using 
regular expressions, consider the fol¬ 
lowing command: 

: %s/ A red/blue/ 

This command replaces the text red 
with blue, but does so only when red 
is the first word on the line. As an ex¬ 
ample of a still more sophisticated 
command, you might consider the fol¬ 
lowing example: 

:%s/= [0-9] [0-9]*/number/g 

This command searches for lines 
containing an equals sign followed by 
one or more digits. When it finds such 
a line, it replaces the series of digits 
with the text number. This kind of raw 
power is the reason that so many 
serious hackers swear by vi (or ex). 

Still More ex Commands 

While the s command is truly power¬ 
ful (See the Using Hold Buffers side- 
bar, pg. 30), ex has other, equally im¬ 
pressive tricks. For example, consider 
the g command (not to be confused 
with the g option we spoke about 
elsewhere in the text), which is sum¬ 
marized in Table One. You can use it 
to, for example, quickly delete all 
lines containing the text comment: 

: 1, $g/coimment/d 
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: : - 


Make sure your data survives Gigabit speed. 

/ 

With independently verified wire-speed, non-blocking performance, NPI’s new Cornerstone 12g Gigabit Ethernet switch 
prevents today’s fastest applications from jamming your network. That’s because NPI switches are “Powered by 
Nu\NaveArchitecture,” your guarantee of 100% data throughput with zero packet loss at incredibly low prices per port. 
Contact NPI today at 1-800-674-8855 or visit www.npi.com for OEM and VAR opportunities. 


The Gigabit Ethernet Company 


1-800-674-8855 


NETWORK PERIPHERALS INC 


www.npi.com 










Following the g with a ! would 
reverse the sense of the command, 
causing it to delete lines not con¬ 
taining the text command. 

Here's another vi trick — use 
the r command to insert the con¬ 
tents of a specified file into the 
current file. For example, issue the 
command: 

:r test.txt 

to insert the contents of the file 
test.txt following the current 
line. 

As a final trick, we present the 
! command, which lets you exe¬ 
cute a shell command. For exam¬ 
ple, to list the files in the current 
directory, issue the command: 

: ! Is 

If you want to issue several shell 
commands, start a subshell by is¬ 
suing the following command: 

: ! sh 

You can consult the references 
given at the end of last month’s 
column to learn about other vi and 
ex commands. 

Practice Baby. Practice... 

Okay, you’ve now had the cook’s 
tour of vi. If you aspire to become 
a chef, rather than a mere tourist, 
all that remains is for you to prac¬ 
tice using vi. If you take the time 
to do so, you’ll likely find that vi 
grows on you, eventually becom¬ 
ing an indispensable part of your 
computing toolkit. Again, to learn 
even more about vi, remember to 
consult the sources given in the 
conclusion of last month’s column. 
Until next month, have fun play¬ 
ing around with these editors. 


Bill McCarty is associate professor 
at Azusa Pacific University's School 
of Business & Management. He can 
be reached at bmccarty@apu.edu. 


Using Hold Buffers 

If you like to cut and paste, you’ll be glad to know that the s command supports hold 
buffers, which let you store parts of the matched text and use them in the replace¬ 
ment text. This is an extraordinarily powerful capability. To designate a part of the 
pattern for which the matched text is to be saved, enclose that part of the pattern 
between the characters \ ( and \). To insert the stored text into the replacement 
text, specify the text \i for the first or only stored text, \2 as the second stored 
text, etc. Up to nine parts of the pattern can be stored and retrieved this way. 

As an example, consider the following command that helps you change past tense 
verbs (ending in ed) to present tense verbs (ending in s) when they occur at the 
beginning of a line: 

:%s/ A \(.*\)ed/\ls/ 

Okay, that’s a significantly hairy command, no doubt about it. However, if you take it 
a piece at a time, it’s not that difficult to understand. The command works like this: 

> The : signifies that the command is an ex command. 

>- The % signifies that the command is to be applied to every line. 

>- The s signifies that the command performs text substitution. 

> The / marks the beginning of the search pattern. 

>- The A signifies that, to be matched, the pattern must be found at the beginning 
of a line. 

> The \ ( signifies the beginning of a part of the pattern for which the matching text 
is to be stored in a hold buffer. 

> The . * is the text to be matched, which can consist of one or more characters 
of any type. 

> The \) signifies the end of a part of the pattern for which the matching text is to 
be stored. 

>- The ed is part of the pattern and must be matched along with the . 

>■ The / marks the end of the search pattern and the beginning of the replacement text. 

> The \l signifies that the contents of the first hold buffer are to be inserted into the 
replacement text. 

> The s is text with which to replace the matched text. 

>• The / marks the end of the replacement text. 

Try your hand at using the hold buffer facility. You’ll likely amaze yourself at the edit¬ 
ing tasks you can perform by using it. 
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The Highest Density RackServer Solutions Available! 


NAServ Network Attached Storage Filers 


NAS 3000 

*1,495 

as low as $ 69 per month 1 

40GB 3 Capacity, Max 328GB 3 
2 x 20GB IDE Hard Drive 

• 128MB Memory 

■ RAID 0/1/5 Striping/M irrori ng/Parity'^ 

■ JB0D Support 

■ 10/100 RJ45 Ethernet Port 

• 111 Rackmount (1.75"H/19”W/23”D) 

80GB 3 (2 x 40) 

120GB 3 (2 x 60) 

160GB 3 (4 x 40) 

248GB 3 (4 x 62) 

328GB 3 (4 x 82) 


$1,795 

$1,995 

$2,295 

$2,695 

$2,995 


NAS 4000 

*2,795 

as low as $ 94 per month 2 

160GB 3 Capacity, Max 492GB 3 
4 x 40GB IDE Hard Drive 
256MB Memory 

Hardware RAID 0/1 (4x Faster than Software) 
RAID 0/1/5 Striping/Mirroring/Parity & JBOD 
Optional Hot-Swap Drive Bays (Max 4 Drives) 
2 x 10/100 RJ45 Ethernet Ports (up to 4) 

1U Rackmount (1.75”H/19’’W/23 !! D) 
248GB 3 (4 x 62) 

328GB 3 (4 x 82) 

410GB 3 (5 x 82) 

492GB 3 (6 x 82) 


$3,495 

$3,995 

$4,995 

$5,995 


E.Serv 1U RackServers (Single & Dual CPU) 


iu 


*895 


DUAL 

CPU 

READY 


as low as $ 35 per month? 

Mode! 01633-110 

• Intel Celeron 633 MHz CPU 

• 128MB Memory, Max 512MB 
■10GB UltraATA/66 IDE Hard Drive 

• Integrated 10/100 Fast Ethernet NIC 

• Integrated SVGA Video 

• Red Hat Linux 7.0 w/Browser Manager 

Pentium III 70 0 01700-110 $995 

Pentium III 800 01800-110 $1,195 

Pentium III 86 6 01866-110 $1,295 

Pentium III 93 3 01933-110 $1,595 

Upgrade to 256MB Add $99 

Upgrade to 30GB HD Add $49 


V-Raptor 1U Dual 

*1,695 

as low as $ 76 per month 2 

Model 12750-230 

Intel Pentium 11(750 MHz CPU (Dual Ready® 
128MB Memory, Max 1.5GB 
■30GB UltraATA/66 IDE HD 

• Integrated Intel 10/100 Fast Ethernet NIC m 
■ Optional 2nd & 3rd lnteijK)/1(f) Ethernet Jj 

• Red Hat Linux 7 0 w/Brow$ii|fanager :. | 

1 x Pent III 866 11866-130 $1,895 

2 x Pent III 750 21750-130 $1,995 

2 x Pent III 866 21866-130 $2,395 

2 x Pent III 93 3 21933$30 $2,795 

2 x Pent III 1 GHz 211000-130 $3,295 
Upgrade to 256MB Add $99 


DUAL 

CPU 

READY 


T-Rex 1U Dual/SCSI 

*2,895 

as low as $ 105 per month 2 

Model 11800-S118 

■ Intel Pentium 111800 MHz CPU (Dual Ready) 

• 256MB ECG Memory, Max 4GB 
18.2GB Ultra 160 SCSI Hard Drive 

• Ini Adaptec Ultra 160 SCSI Controller ■ - 

• 2 x Integrated Intei 10/100 Fast Ethernet NIC 

• Red'Hlat Lm&x 7.0 w/Browser Manager 

1 x Pent 111 866 11866-S118 $2,995 

1 x Pent III 933 11933-S118 $3,295 

2 xPent III 866 21866-S118 $3,495 

2 x Pent III 93 3 21933-S118 $3,895 
2 x Pent III 1GHz 211G-S118 $4,395 

Upgrade to 512MB ECC Add $399 


Fit Over 20TBs 3 in a 19” Rack 

NAS “Plug’nPlay” Instant Storage Solution! 

1U Rack height (1.75”H) 

Fit up to 20TBs 3 in a Rack 
From 1.1 cents per Megabyte 
RAID 0/1/5 & JBOD Support 
Easy-to-use NAS Manager sets 
up in less than 15 minutes 
Easily manage user and group 
access and security 
Auto detects and configures to 
your network 

Supports Windows, Unix, Linux 
& Mac clients 

Remotely manage over Internet 
with standard web browser 
Optional hot-swappable drives 
(Model 4000) 


Einux’s NAServ Storage 
Appliances offer “on the fly” 
storage that can be attached 
to your network and up in 15 
minutes or less. Plus, Einux’s 
NAServs offer the highest den¬ 
sity NAS storage appliances in 
the industry with up to 20.6 
Terabytes of storage capacity in 
a 19” rack. 


Dual CPU 1U under $2,000! 

Plus 1U RackServers from under $900! 


Starting at $895 & $1,695 
respectively, the E.Serv 1U &. 
1U V-Raptor are the lowest 
priced 1U and Dual CPU 
Ready 1U server solutions in 
the industry. Plus, the E.Serv 
lUs save precious colo space 
by fitting up to 42 E.Servs in a 
19” rack. 


1U Rack height (1.75”H) 

• Fit up to 42 Servers in a Rack 
Support for up to Dual CPU 1 
Supports up to 1GHz CPU 1 
Up to 133MHz FSB (Bus) 
Easy-to-use Server Appliance 
sets up in less than 15 minutes 
Remotely manage over Internet 
with standard web browser 
Standard with Linux, also sup¬ 
ports Unix & Windows NT/2000 


Standard Features include Pentium111 Motherboard, Integrated 10/100 Fast Ethernet Adapter, Built-in SVGA Graphics, PS/2 ■ 
Keyboard & Mouse, USB, Serial, Parallel Ports,.ID Rackmount Aluminum Chassis (2 HD, 1 CD/FD/H0 Drive Bays), 230 Watt 
1U Power Supply, Einux Compact Cooling System, Red Hat Linux 7.0 OS w/EinuxBrowser Server Manager, Also supports V; 
lUnix, Solaris, Windows NT/2000 0S; ; Dimensions: 1,75”H x 19”W x23“0 . v | 


E.Serv 2U RackServers (Single & Dual CPU) 


DUAL 

CPU 

READY 


2U Dual Ready 

*1,395 

as low as $ 52 per month 2 
Model 21800-120 

• Intel Pentium 111 800 (Dual Ready) 

• 128MB Memory, Max 1,5GB 

• 20GB IDE Hard Drive (up to 4 HD) 

• Integrated 10/100 Fast Ethernet NIC 

• Red Hat Linux 7.0 w/Browser Manager 

Pentium III 86 6 21866-120 $1,495 

Pentium III 93 3 21933-120 $1,695 

Pentium III 1GHz 211000 120 $1,995 
Upgrade to 256MB Add $99 

Upgrade to 30GB HD Add $49 


2U Dual 

*1,695 


DUAL 

CPU 

READY 


as low as $ 59 per month 2 

Model 21750D-140 

■ 2 x Intel Pentium III 750 CPU (Dual) 

• 128MB Memory, Max 1.5GB 

■ 40GB IDE Hard Drive (up to 4 HD) 

• Integrated 10/100 Fast Ethernet NIC 

• Red Hat Linux 7.0 w/Browser Manager 

2 x Pent III 86 6 21866D-160 $2,095 
2 x Pent III 93 3 21933D-160 $2,495 
2 x Pent III 1 GHz 211 GD I 60 $2,895 

Upgrade to 256MB Add $99 

Upgrade to 60GB HD Add $99 


2U Dual/SCSI 

*2,495 


DUAL 

CPU 

READY 


as low as $ 73 per month 2 

Model 22866-S118 

• Intel Pentium III 866 (Dual Ready) 

• 128MB ECC Memory, Max 4GB 

• 18.1GB Ultra 160 SCSI Hard Drive (upto 4) 

• Adaptec Ultra 160 SCSI Controller 

■ Integrated 10/100 Fast Ethernet NIC 

• Red Hat Linux 7.0 w/Browser Manager 

Pentium III 93 3 22850-S118 $2,695 

Pentium III 1GHz 221000-SU8 $2,995 

Upgrade to 256MB ECC Add $199 
Upg to 36GB SCSI HD Add $499 


E.Array 1/4U & 1/2U Cluster Server Arrays 

1/2U Server Array 

*2,195 


as low as $ 79 per month 2 
Model 12633-110 

• 2 x Intel Celeron 633 GPU 
•2x 128MB Memory 

■ 2 x 10GB IDE Hard Drive 

• 2 x Integrated 10/100 Fast Ethernet NIC 

• Red Hat Linux OS / Einux Browser Manager 

2 x Pent 700 12700-110 $2,395 

2 x Pent 750 12750-110 $2,595 

2 x Pent 800 12800-110 $2,795 

2 x Pent 850 12850-110 $2,995 

Upg to 2 x 256MB Add $299 

Upg to 2 x 20GB HD Add $149 

ClusterManager $799 


1/4U Server Array 

*4,995 

as low as $ 175 per month 2 

Model 14633-106 
4 x Intel Celeron 633 GPU 
4 x 128MB Memory 
4 x 6GB IDE Hard Drive 
4 x Integrated 10/100 Fast Ethernet NIC 
Red Hat Linux OS / Einux Browser Manager 

4 x Pent 650 14650-106 $5,495 

4 x Pent 700 14700-106 $5,995 

4 x Pent 750 14750-106 $6,495 

4 x Pent 800 14800-106 $6,995 

Upg to 4 x 256MB Add $599 

Upg to 4 x 10GB HD Add $299 

ClusterManager $1499 


Clustering and data replication 

With Einux’s optional Cluster Manager™, Einux | 
Servers can be clustered for load balancing 
allowing for the highest availability without / 
the need for seperate, costly load balancing / 
equipment. Einux Servers can be effectively . 
deployed in server farm clusters, which can be 
easly managed from a remote location using 
Einux’s Cluster Manager™ client where users 
can easily see server health and availability and 
manage all services. Best of all, Einux’s Cluster | 
Manager™ is OS agnostic and can be imple¬ 
mented on different operating systems (Linux, 
Unix, Solaris, Windows) in the same network. 
Also, with Einux’s optional Data Mirror Man¬ 
ager™, data can be replicated inside the cluster 
so users only have to load one set of data, like 
a website, and the Data Mirror Manager™ rep¬ 
licates the data across the cluster to the other 
servers. With Einux’s Cluster Manager™ and 
Data Mirror Manger™, Einux’s Servers offer , 
the highest availability and redundancy. 


Dual CPU 2U under $1,700! 

Affordable 2U RackServer Solutions! 


The E.Serv 2U combines super 
computing power with its dual 
Intel CPU motherboard and up 
to 4GB of memory capacity 
all fitting in just 2U (3.5”) of 
space. 


2U Rack height (3.5”H) 

Fit up to 21 Servers in a Rack 
• Support for Dual CPU 
Supports up to 1GHz CPU 
Up to 133MHz FSB (Bus) 
Easy-to-use Server Appliance 
sets up in less than 15 minutes 
Remotely manage over Internet 
with standard web browser 
Standard with Linux, also sup¬ 
ports Unix & Windows NT/2000 

Standard Features include Dual CPU Ready Pentium III Motherboard, Integrated 10/100 Fast Ethernet Adapter, Built-in SVGA 
Graphics, PS/2 Keyboard & Mouse, USB. Serial, Parallel Ports, 2U Rackmount Chassis (4 HD, CD, FD Ortve Bays). 300 Watt 
2U Power Supply. Einux Compact Cooling System. Red Hat Linux 7.0 OS w/Einux Browser,Server Manager, Also supports 
Unix, Solaris, Windows NT/2000 OS. Dimensions; 3 5"Hx 19''W x 23”D 

Fit up to 168 Servers per Rack! 

World's First 4-in-IU and 2 An A U Server Arrays 

1U Rack height (1.75”H) 

Fit up to 168 Servers (1/4U) or 
84 Servers (1/2U) in a Rack 
Supports up to 850MHz CPU 
Easy-to-use Server Appliance 
sets up in less than 15 minutes 
Remotely manage over Internet 
with standard web browser 
Standard with Linux, also sup¬ 
ports Unix & Windows NT/2000 
Optional ClusterManager for 
easy high-availability clustering 

Standard Features include 4 x Pentium ill Motherboard, 4 x integrated 10/100 fast Ethernet Adapter, Built-in SVGA Graphics, 
PS/2 Keyboard & Mouse, Serial Ports, Einux Proprietary 4-m-tU Rackmount Aluminum Chassis, 1U Power Supply. Einux 


Introducing the E.Array, the 
world’s first server arrays based 
on Einux’s patent-pending High 
Density Cluster Server Array 
Architecture. Up to 168 indi¬ 
vidual servers can be installed 
in a 19” rack making the „ 

E.Arrays perfect for IDCs, ISPs 
and e-businesses where co-loca¬ 
tion real estate is precious. 


Sets up in 15 minutes or less! 

With Einux’s Server Appliance Browser Manager™ System for 
Linux, you can setup an Einux Server (LX Linux-based models) 
in less than 15 minutes using any standard Web browser and a 
TCP/IP Internet or Network connection. The Browser Manager™ 
allows users to access and maintain Einux servers remotely from 
anywhere in the world. Best of all, the Browser Manager lowers 
the Total Cost of Management (TCM) because it makes it is so 
easy, almost anyone can set up an Einux Server, thus requiring little or no IT experience. 
Einux’s Browser Manager™ comes standard on all Linux-based Einux rackmount servers and 
arrays. Test drive it yourself at http://www.einux.com/demo . 


Custom configure vour own server at www.einux.com 




CALL 866.88.EINUX (883.4689) 


email: info(§>einux.com 

Toll-Free: 1.866.883.4689Tel: 626.968.2686 Fax: 626.968.6565 
VARs/Resellers: Visit www.einux.com/reseiler 

^Certain models only Specs may vary See specific model for details leasing figures are based on 36 months- 
an are based on approved credit and may vary Storage capacities represent raw capacity and may vary accord¬ 
ing to configuration and partitioning. Not responsible for typo errors. Prices, configurations and availability sub- 
iect to change without notice. Caii for details: All trademarks are acknowledged. Copyright 2Q01 Einux, Inc. 
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Co-opetition in the Open Source World 

By Frank Hecker 


t an there be a happy marriage be¬ 
tween for-profit Information Tech¬ 
nology companies and volunteer 
developers? Consider the follow¬ 
ing situations that occurred over 
the past few years and the questions 
they raised: 

> Netscape released the source code 
for the Communicator browser and 
initiated a new style of open source 
project — one sponsored and sup¬ 
ported by a for-profit corporation. 
Was this truly an open source pro¬ 
ject or just a way for Netscape to 
take advantage of volunteer labor? 


of interest that can result when the 
two worlds of for-profit IT vendors and 
volunteer open source developers in¬ 
creasingly intermingle. 

In some people’s eyes this is a sim¬ 
ple “community vs. corporation” bat¬ 
tle — how the “community” balances 
spreading the ideals of open source 
and free software while avoiding a 
“sellout” to the corporations it is try¬ 
ing to evangelize. In reality, this is not 
a battle situation at all, but instead a 
classic example of “co-opetition,” 
where companies that compete for 
business cooperate on mutually bene¬ 
ficial projects and activities. 


commercial firms and non-commer¬ 
cial development communities. To fur¬ 
ther cloud the issue, these develop¬ 
ment communities might include, or 
even be led by, employees of the com¬ 
mercial firms. 

Thus, in the GNOME project, tradi¬ 
tional IT vendors (Sun, HP, and IBM), 
newer “open source vendors” (Red Hat, 
Eazel, and Helix Code), individual 
GNOME hackers, and the FSF are 
working together in an effort to more 
quickly extend Linux to the desktop. 

This new world of “co-opetition” 
raises a few important questions: 

> How can companies sponsoring 
open source projects work with in¬ 
dividual volunteer developers and 
not leave them feeling exploited? 

Netscape pursued two parallel stra¬ 
tegies. First, it tried to deliberately dis¬ 
tance the open source project from the 
corporate development effort (e.g., by 
giving it a separate name, Mozilla, and 
a dedicated team of supporters, mozil- 
la.org); in this way, participants could 
feel they were working for the project 
and not specifically for Netscape. 

At the same time, Netscape gave Mo¬ 
zilla contributors access to information 
and other aspects of the project pre¬ 
viously reserved only for employees. 
Netscape recognized that contributors 
and employees would not be satis¬ 
fied without having some measure 
of control over variables that af- 
i fected their work. While there is 
& still some tension between the 
■ Mozilla project and Netscape’s 

^ commercial product develop¬ 

ment efforts, many open source 
developers have chosen to con- 


> IBM decided to replace its internal¬ 
ly-developed Web server technolo¬ 
gy with the Apache Web server, 
basing its future Web application 
products on Apache and seeking to 
have its corporate developers join 
the Apache project. Does IBM want 
to work with the Apache project or 
exercise power over it? 

> Many key developers in the GNOME 
project quit working as volunteers 
and joined (or even founded) for- 
profit companies creating products 
and services related to GNOME. The 
project then issued joint press re¬ 
leases with Sun and other major IT 
vendors. Were GNOME developers 
still working for a non-corporate 
project or had GNOME essentially 
become a vendor consortium that 
promoted the interests of its cor¬ 
porate participants? 


These are just three 
examples that illustrate 
the perceived conflicts 


KEN WESTPHAL 


“Co-opetition” Grows Up 

This concept has become more com¬ 
plex and more interesting in the realm 
of open source software development, 
which can include individual develop¬ 
ers and non-profit players like the Free 
Software Foundation (FSF). This can 
lead to the 
alliances 
among 
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tribute to Mozilla development and 
perceive themselves as having a stake 
in the project’s success. 

> How can a corporation partner with, 
and have some influence over, an 
existing open source project? 

IBM’s first, and perhaps most im¬ 
portant, step was to understand that 
the Apache project should be thought 
of as a potential business partner — 
one to be wooed and negotiated with, 
not simply a collection of developers 
to which IBM would add its own peo¬ 
ple. The result was a set of terms and 
conditions under which IBM could 
join the Apache project, with individ¬ 
ual IBM developers being “invited in” 
as they proved their competence and 
dedication to the project’s goals. By for¬ 
going an attempt at short-term domi¬ 
nance within the Apache project, IBM 
was able to acquire a substantial mea¬ 
sure of long-term influence. 


> What issues arise when an all-vol¬ 
unteer project goes “pro”? 

As more and more key GNOME de¬ 
velopers aligned themselves with com¬ 
mercial GNOME-related ventures (He¬ 
lix Code, etc.), the GNOME project 
might have become a battleground for 
competing corporate interests. This 
shift might have threatened GNOME’S 
status as an independent project, in 
perception if not reality. 

By initiating formation of a formal 
GNOME Foundation last August, the 
GNOME hackers helped ensure that 
the project would continue as an ef¬ 
fort independent of any company or 
group of companies. Project leaders 
strengthened the legitimacy of their 
position by submitting to democratic 
elections open to all GNOME contrib¬ 
utors. Finally, by limiting the formal 
power of GNOME Foundation “corpo¬ 


rate partners” to simply providing ad¬ 
vice, the GNOME community helped 
ensure that corporate influence over 
GNOME would be mediated through 
individuals deemed worthy. 

> What will happen next in the on¬ 
going dance of co-opetition among 
open source projects and commer¬ 
cial companies? 

One emerging trend is particularly 
intriguing; despite business’ perceived 
role as the driving force in the “new 
economy,” corporations and individu¬ 
als involved in open source develop¬ 
ment seem to be rediscovering some 
traditional functions of politics and 
government: managing conflict among 
multiple parties of different interests 
and beliefs, serving as a counterweight 
to raw economic power, and increas¬ 
ing the perceived legitimacy of those 
with authority to make decisions that 
are binding to everyone. 


There are tradeoffs as well as checks 
and balances in this new order. By ad¬ 
opting open source licensing, corpo¬ 
rations give up some control over dis¬ 
tribution and use of their software. 
They trade this for the benefits of wider 
adoption and free enhancements of 
their software. Similarly, by encourag¬ 
ing the formation of separate “org” 
bodies for the open source software 
they release, and by encouraging their 
developers to work within the rules 
set by such organizations, corporations 
are ceding some power over their own 
development projects. Simultaneously, 
individual developers may find that 
working within a formal structure pro¬ 
vides their actions with legitimacy as 
representatives of their employers. 

Some may object that democracy 
has no place in software development 
projects, stating they should instead be 
run as pure meritocracies. However, 


the power to vote within these pro¬ 
jects is not necessarily open to every¬ 
one; typically, only those who can 
claim a significant investment in and 
contribution to the project carry power. 
In any case, the heterogeneous nature 
of the community means that differ¬ 
ent projects will be free to experiment 
with different models of organization, 
just as different states and countries 
have different governments and con¬ 
stitutions; some projects will have elab¬ 
orate, formal models of authority, and 
others will have simple, informal ones. 
Each project will adapt to its own lo¬ 
cal conditions and requirements. 

Co-opetition: The Next Step 
in an Ongoing Evolution 

This is simply another step in the on¬ 
going evolution of the open source 
community. Although people worry 
about the dangers of the open source 
community being “corporatized,” the 
open source movement has been cor¬ 
poratized since Netscape’s original an¬ 
nouncement and business’ subsequent 
enthusiasm for Linux, GNU, and other 
software. People also worry about the 
danger of open source being politi¬ 
cized, but political differences have ex¬ 
isted since the days of the “GNU Man¬ 
ifesto.” Politics, in one form or another, 
will continue to play a role in the open 
source community as long as there are 
competing interests and disparities in 
relative power within projects. 

We can’t go back to some remem¬ 
bered time of innocence; we need to 
instead move forward and find ways in 
which individuals and organizations 
(both for-profit and non-profit) can 
work together for mutual benefit. Dif¬ 
ferent parties will not always agree and 
will certainly not always get what they 
want. However, collaboration is the 
key to the long-term goal of the open 
source model prevailing over the pro¬ 
prietary software model, truly chang¬ 
ing the way software is developed. 


Frank Hecker is Leading Licensing Expert 
at CollabNet and a moziUa.org member. 
He can be reached at frank@collab.net. 
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Installing, Configuring, 
and Using MySQL 

ack in our September 2000 issue, we 
gave our Tuxie Editors’ Choice Award for 
"Best Database” to MySQL. We've decid¬ 
ed that it’s time to feature some of the at¬ 
tributes that won MySQL that award. With 
easy installation and features such as data¬ 
base replication and integration with Perl, 
MySQL provides a scalable database solu¬ 
tion for everyone from small developers to 
large database dependent applications. 

First, if you don’t have MySQL on your 
system already, you can download it from 
http://www.mysql.com/downloads. The latest, 
official, stable release (as of this writing) is 
3.22.32. However, the newer 3.23.xx re¬ 
leases are now listed as "gamma” and are 
quite stable and recommended for new in¬ 
stallations. The MySQL development team 
labels their releases conservatively. There¬ 
fore, in this article we will be working with 
the 3.23.30 release. 


Sy Stew- SueA-iiny 

Basic Installation 

The MySQL Web site has pre-compiled MySQL versions 
available in both RPM and . tar.gz (tarball) packages. 
Like all free software, the source to MySQL is also avail¬ 
able. We’ll walk through the standard configure , make , 
and install starting from the source distribution. MySQL 
should compile and install on any Linux distribution that 
has been released in the last few years, provided that you 
have gcc installed. 

For our basic installation we will install MySQL into /usr/ 
local We’ll also create a mysql account and group that My¬ 
SQL will run under so that we’re not needlessly running 
it as root. 

> groupadd mysql 

> useradd ~g mysql mysql 

Once the group and user are added, unpack the MySQL 
source. 

> tar -zxvf mysql-3.23.30-gamma.tar.gz 

cd into the newly created mysql-3.23.30-gamma directo¬ 
ry and configure the installation. 

> ./configure --prefix=/usr/local/mysql 

There are many other options you can set at compile-time 
using additional command-line arguments to configure. 
They are all documented in the INSTALL-SOURCE file 
(which is a very detailed README). 

If you have little memory in your system, you may need 
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to add the - -with- low-memory option to configure. Oth¬ 
erwise, gcc may run out of memory during the compila¬ 
tion. In any case, once you’re done configuring the instal¬ 
lation, it’s time to build MySQL. Execute the command: 

> make 

Depending on your hardware and system configuration, 
it will take anywhere from five minutes to an hour to 
build MySQL. 

If the make fails for any reason, consult the INSTALL - 
SOURCE file for help. Most common compilation prob¬ 
lems are listed with known solutions. 

Assuming MySQL compiled without error, execute the 
following commands to complete the installation: 

> su 

> make install 

After that’s done, we’ll need to run one of the scripts in¬ 
cluded with MySQL to create the default databases. For 
our purposes, we’ll use the mysql_install_db script, which 
you can execute by issuing the command: 


So when you execute that command, you will be prompt¬ 
ed for the password. Simply enter the new-password you 
just created. 

Congratulations! You now have a fully functional MySQL 
database server running. It’s now a good idea to set up the 
MySQL server to start at boot time and, more importantly, 
shutdown when the system is halted. 

For Red Hat and other SYSV R4-type systems, simply copy 
the file mysql-3.23.30-gamma/support-files/mysqlsewer to 
/etc/init.d. Next, symbolically link S99mysql into /etc/rc.d/ 
rc3.d and SOlmysql to /etc/rc.d/rcO.d as follows: 

> In -s /etc/init.d/mysql.server /etc/rc.d/rc3.d/S99mysql 

> In -s /etc/init.d/mysql.server /etc/rc.d/rcO.d/SOlmysql 

Remember to make /etc/rc. d/init. d/my sql. server execut¬ 
able; it’s not executable by default. 

> chmod 755 /etc/rc.d/init.d/mysql.server 

For systems that keep their init scripts in a different 
location, you’ll need to consult your local documentation. 


> scripts/mysql install db 

Next, we need to change ownership of the newly creat¬ 
ed MySQL directory and files to the mysql user we creat¬ 
ed earlier. 

> chown -R mysql.mysql /usr/local/mysql 

Finally, it’s time to start the database server: 

> /usr/local/mysql/bin/safe_mysqld —user=mysql & 

If something goes wrong, examine the contents of the 
error file in /usr/local/mysql/var. 

In case you are wondering, safejnysqld is simply a shell 
script that launches the MySQL server process mysqld. 

Before going any further, you should change the root 
password for the database. 


MySQL does not rely on Linux’s usernames and pass¬ 
words. Each user needing access to the database must be 
listed in MySQL’s internal user database. 

You should now be able to log in to the MySQL data¬ 
base via the command: 

> /usr/local/mysql/bin/mysql -u root -p mysql 

As you might have guessed, the -u specifies the username 
you’d like to use when logging in. However, the -p tells 
the mysql command-line tool that you’d like it to prompt 
you for a password in this case. You can put the password 
on the command line, but there must be no space be¬ 
tween the -p and the password. The mysql at the end of 
that command specifies which of the databases on your 
database server you’d like to connect to. Unless told oth¬ 
erwise, the mysql command-line tool assumes that you will 
be connecting to the MySQL server on the local machine. 


Server Configuration 

Like many daemons, when mysqld starts up it looks for a 
configuration file. It will look for the file /etc/my.cnf by 
default. So to make things run smoothly on your system, 
you’ll need to build your own copy of /etc/my.cnf. The 
MySQL distribution comes with four sample configuration 
files in the support-files directory. You should select one of 
those to use as the basis for your own. Which one to se¬ 
lect depends on your hardware resources and whether 
MySQL is the primary service running on the system or if 
it must share resources with other services (such as Ap¬ 
ache or Sendmail). The four included sample files are: 

• my-huge.cnf: For systems with 1 GB or more RAM 
where MySQL is the primary service running on the 
machine. 

• my-large.cnf : For any systems with 512 MB of RAM 
where MySQL is the primary service running on the 
machine. 

• my-medium.cnf: For systems with less memory (32 
MB - 128 MB) where MySQL is sharing resources 
with other services. 

• my-smalLcnf: For systems with less than 64 MB of 
memory where MySQL is sharing resources with oth¬ 
er services and will not be utilized much. 

For our purposes, we’ll copy the medium file to my. cnf 
and edit it to suit our needs. 

> cp my-medium.cnf my.cnf 

The Customizing my.cmnf Sidebar, pg. 40, contains a list 
of the configuration options contained in my. cnf and their 
defaults as they appear in the [mysqld] section. In this 
article, we are only going to focus on the options that you 
are likely to customize in a new installation. As you gain 


> /usr/ local /mysql /bin/irysqladmin -u root password new-password 
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my.cnf 

Open my.cnf in your favorite editor and focus on the [mysqld] 
section, which is the section that deals with the MySQL daemon. 
The other sections are specific to various command-line utilities 
and are beyond the scope of this article. 

key_buffer=16M 

The key_buf f er tells MySQL how much memory it is 
allowed to use for caching index data. Increasing this value can 
often yield dramatic improvements in MySQL performance. How¬ 
ever, if this value is set too high it can adversely affect system 
performance (there won’t be enough memory available for Lin¬ 
ux and other processes). Our test system has 256 MB RAM, so 
we’ll change this value to 64 M. 

table_cache=128 

The table_cache is the number of simultaneously open 
tables that MySQL can have. MySQL requires two file descrip¬ 
tors for each unique open table plus one for each concurrent 
client using a table. For our larger installation, we will probably 
need more than 64, so well increase this value to 128. 

sort_buffer=512K 

If you plan to frequently use order by or group by with¬ 
in your queries, you may benefit from increasing the size of sor t_ 
buffer. For our database installation, we will leave the sort 
buffer value at its default. 

myisam_sort_bu£fer_size=8M 

myisam_sort_buf f er_size determines the size of the 
buffer used when repairing a table or creating an index. For our 
installation, the default value will be fine. 

One important value missing from my. cnf is the variable that 
tells MySQL which user it should run as. Because we created a 
mysqi user earlier, add the following line to the [mysqld] 
section of your my. cnf file. 

user = mysqi 


experience with MySQL, you may find reasons to alter some 
of the options not listed here. 

When you have finished editing the values that are list¬ 
ed in Customizing my.cnf you’ll need to copy the my.cnf 
file to /etc. 

> cp my.cnf /etc/my.cnf 

Now MySQL is configured to automatically startup and 
shutdown when your system does. When MySQL starts it 
will use the configuration options in /etc/my.cnf. 


Security 

Like any service, MySQL is only as secure as the 
machine on which it is installed. While keeping 
your system up-to-date with recent security fixes 
is important, you also need to understand the 
basics of MySQL’s security system so that you 
can keep your data safe. MySQL provides exten¬ 
sive host, database, table, and user-level securi¬ 
ty, which can all be applied to make the data 
and the server more secure. 

Network Security 

If the host that runs the MySQL database is not 
located behind a firewall, one effective security 
measure is to simply change the default TCP 
port (3306) that MySQL uses to listen for con¬ 
nections. Edit the /etc/my. cnf file and change the 
value of port = from 3306 to an unused port on 
your system. Make note of the port you change 
the MySQL server to, as you will need to apply 
the change to any remote clients that need to 
connect to your server. 

If your MySQL server is behind a firewall and 
will not need to answer requests from outside 
that firewall, it is best for the firewall to block 
connections to TCP port 3306. 

Database-Level Security 

Upon receiving a connection request, MySQL 
checks to see whether or not the user is allowed 
to connect to the database they’ve requested. This 
check involves not only the username and pass¬ 
word that the client provides, but also the host 
from which they are attempting to connect. If the 
combination of user, password, and host is not 
allowed, MySQL simply closes the connection. 

Table-Level Security 

When a user attempts to execute an SQL query, 
MySQL checks the user’s privileges to see if the 
user is allowed to perform the requested oper¬ 
ation. Some users may only be able to read 
(SELECT) data, while others might be given full 
read and write access to the tables. In fact, My¬ 
SQL allows you to set privileges for each of the common 
SQL queries: SELECT, INSERT, UPDATE, and delete. In 
addition to those, MySQL defines the privileges: alter, 
CREATE, DROP, GRANT, FILE, INDEX, PROCESS, 
REFERENCES, RELOAD, SHUTDOWN, and USAGE. 

The rule of thumb with MySQL security is the same as 
that of any good system security policy: Only give users 
the access they need — no more. You will find that most 
users should only need select, insert, update, and 
delete privileges. 
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Adding an 
Administrative User 

Let's add a new user to the database. This user will be a 
database administrator who will be allowed to add data¬ 
bases and other users. 

Log in to the MySQL server: 

> /usr/local/mysql/bin/mysql -u root -p mysql 

mysql> GRANT ALL PRIVILEGES ON *.* TO adminGlocalhost 
IDENTIFIED BY 'password' WITH GRANT OPTION; 

Query OK, 0 rows affected (0.03 sec) 

Exit and then log in as the new administrative user to 
make sure it works: 

mysql> exit 

> /usr/local/mysql/bin/mysql -u admin -p mysql 


Adding a Normal User 

Now we’ll add a normal (non-administrative) user who is 
allowed to add, update, and modify data stored in any 
table in the users database that we’ll create in the next step. 

mysql> GRANT SELECT,INSERT,DELETE,UPDATE ON users.* 
TO dbuser@localhost IDENTIFIED BY 'password'; 

Query OK, 0 rows affected (0.01 sec) 

It’s useful to know that MySQL will let you assign per¬ 
missions on objects (databases, tables) before they exist. 
This allows for planning security in advance of setting up 
your databases. 

Creating a 
Sample Database 

It’s now time to create a database. We’ll create a simple 
database called users that other services (like RADIUS or 
POP3 servers) might use for authentication. 


If you are still logged in, exit out of the MySQL client. 
Now you can create the database from the command-line 
as follows: 

> /usr/ local /mysql /bin/mysqladmin -u admin -p create users 

Or, if you are already logged in to MySQL, you can use the 

CREATE DATABASE statement: 

mysql> CREATE DATABASE users; 

Query OK, 1 row affected (0.06 sec) 

That’s all there is to it. If you disconnected, you can recon¬ 
nect to the new database with this command: 

> /usr/local/mysql/bin/mysql -u admin -p users 

Now we’ll create a passwd table in which we can store 
basic user information: 


3 

1 

i 

u 

passwd ( 



username 

varchar(8) 

not 

null. 

crypt 

varchar(128) 

not 

null. 

realname 

varchar(64) 

not 

null. 

shell 

varchar(20) 

not 

null 

); 





Adding Dafa 

Now we have a working administrative {admin) user, a 
new database {users) in which to store user information, 
and a user with minimal privileges {dbuser) to enter that 
information. Next, we’ll insert a record in the passwd table 
using the MySQL MD5 () function in an INSERT query. This 
will generate an encrypted password. 

First, you will need to exit MySQL and log back in again 
as dbuser: 

mysql> exit 

> /usr/local/mysql/bin/mysql -u dbuser -p users 

Now you can add a user to the passwd table in the users 
database and verify that the data is there with a select 
query, as illustrated in Figure One. 

For the complete guide to MySQL security, be sure to read 
the GRANT and REVOKE Entries in the MySQL Manual (see 
the Resources sidebar, pg. 42). 


mysql> INSERT INTO passwd VALUES (* Steve*,md5('badpassword*), 'Steve Suehring',*/bin/zsh'); 

Query OK, 1 row affected (0.00 sec) 

mysql> SELECT * FROM passwd; 

Figure One 

| username | crypt 

realname 

shell | 


| steve | 31edaffbaba455bc30c52681ceblea9d | 

Steve Suehring | 

/bin/zsh | 


1 row in set (0.00 sec) 
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MySQL On-Line Manual 
http://www.nnysql.com/documentation 

MySQL Download Site 
http://www.mysql.com/downloads 

grant and revoke Manual Entries 
http://www.mysql.eom/doc/G/R/GRANT.html 

MySQL Related Perl Modules 
http://www.mysql.com/downloads/api-dbi.html 

MySQL Mailing Lists 

http://www.mysql.com/documentation/lists.html 


Perl 


modules should all be installed in the following order: 

• Data-Dumper 

• DBI 

• Data-ShowTable 

• Msql-Mysql-modules 

Once you’ve downloaded the modules, you’ll need to be 
logged in as root to start the process of installing them. 
Like most Perl modules, these all follow the standard in¬ 
stallation process, starting with the Data-Dumper module: 

> tar -zxvf Data-Dumper-<version>.tar.gz 

> cd Data-Dumper-<version> 

> perl Makefile.PL 

> make 

> make test 

> make install 

Simply repeat the same steps for the DBI and Data-Show¬ 
Table modules. 

The installation of the Msql-Mysql-modules is slightly 
more involved. You’ll need to make sure that your MySQL 
server is running before beginning the installation of Msql- 
Mysql-modules. 

The Makefile is interactive and will ask some questions 
about the install, as illustrated in Figure 71m 


Having a database isn’t terribly useful unless you can use 
it from your favorite programming language. One of the 
best features of MySQL is that we can use it from a wide 
variety of programming languages (Perl, Python, PHP, Java, 


A Sample Script 

Now it’s time to build our first script. In Figure Three (pg. 
44) we create a script that will connect to the mysql data- 


C, C++, etc.). 

We’ll walk through the 
process of installing the nec¬ 
essary Perl modules that will 
allow you to use MySQL from 
a Perl script. Then we’ll look 
at a simple Perl script that 
uses the modules to gather 
some information about your 
MySQL server. 

Module Installation 

If you haven’t already down¬ 
loaded the Perl modules from 
the MySQL Web site, you can 
find them at http://www. 
mysql.com/downloads/ 
api-dbi.html. The modules are 
also available from any CPAN 
mirror site. 

MySQL.com recommends 
downloading at least the fol¬ 
lowing modules: 

• Data-Dumper 

• DBI 

• Msql-Mysql-modules 

We also recommend that 

you download the Data-Show¬ 
Table module as well. These 


> perl Makefile.PL figure TWO 

Which drivers do you want to install? 

1) MySQL only 

2) mSQL only (either of mSQL 1 or mSQL 2) 

3) MySQL and mSQL (either of mSQL 1 or mSQL 2) 

4) mSQL 1 and mSQL 2 

5) MySQL, mSQL 1 and mSQL 2 

Enter the appropriate number: 1 

Do you want to install the MySQLPerl emulation? You might keep 
your old MySQL module (to be distinguished from DBD::mysql!) if 
you are concerned about compatibility to existing applications! [n] 

Where is your MySQL installed? Please tell me the directory that 
contains the subdir 'include', [/usr/local/mysql] 

Which database should I use for testing the MySQL drivers? [test] mysql 

On which host is database mysql running (hostname, ip address or host:port) [localhost] 

User name for connecting to database mysql? [undef] root 

Password for connecting to database mysql? [undef] <new-password> 

Creating files for MySQL . 

Checking if your kit is complete... 

Looks good 

Warning: prerequisite Data::ShowTable 0 not found at (eval 14) line 228. 
Using DBI 1.14 installed in /usr/lib/perl5/site_perl/5.005/i386-linux/auto/DBI 
Writing Makefile for DBD::mysql 
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ACT ONE: SCENE ONE 


FADE IN: 

INTERIOR. BOARD ROOM Somewhere on planet Earth — DAY (EST) 

Camera PANS slowly across a packed Board Room. The CEO of your company demands a complete business 
plan that will double the company's profits. The entire office pauses as a palpable tension floods 

the.room- — Suddenly all -eyes are on you... the user of CHILLIWARE's full line of software solutions. 

CLOSEUP - YOU - LIT from underneath 


CEO 

(Offscreen) 
You are the one! 


FADE TO PROMOTION WITH JUICY WAGE INCREASE. ROLL CREDITS 



iceSculptor™ MOHAWK™ MENTOR™ • ^ NEXXUS™ XtremelCE™OS 

Desktop Publisher Apache™ Server Configurator Documentation Wizard * Contact Manager 

ChiIliware’," Inc. • 3550 Wilshire Blvd., Suite 1418, Los Angeles, CA 90010 • p:: 213.365.8700 f:: 213.365.1 150 • www.chilliware.net 


Linux : is the trademark of Linus Torvalds. Apache™ is a trademark of the Apache Software Foundation. All other trademarks are the property of Chilliware™. Inc. 





BY POPULAR DEMAND 


m , m 


Happy Hacking 


pfu AmmcA, %m. 

www.pfuea.com 


BLACK 


H+h Happy Hacking 

Keyboard series 

NEW ADDITION - BLACK MODEL 

✓ Very Small Footprint (11.6" x 4.3") 
s/ Full Size Key Pitch 
>/ UNIX Friendly Key Layout 

Sun/Type 5 keyboard based key layout 

- No Caps Lock Key 

- No Windows Key 

- CTRL Key is in Right Position 


Happy Hacking Keyboard : 

Multi-Platform model 

Sun / SPARC, PC (PS2), and Mac (ADB) 

Happy Hacking Keyboard LITE : 

PC (PS2) model 


www.pfuca.com 

1-888-681-8878 


base on the local MySQL server and list each of the 
tables it contains. 

DBI is Perl’s Database Interface. It abstracts the spe¬ 
cifics of most database APIs (MySQL, Oracle, Postgre- 
SQL, etc.) so that you can write scripts that are large¬ 
ly database independent with relatively little effort. 
To learn more about DBI, be sure to read the on-line 
documentation that was installed with the modules: 

> perldoc DBI 

Using the script in Figure Three , some basic SQL 
knowledge, and the DBI documentation, you can start 
building applications with Perl and MySQL in no time. 

Linux’s Next Killer App? 

There’s obviously much more to say about MySQL 
but this is all the space we have at the moment. Con¬ 
sidering MySQL’s ease of use and flexibility, it’s easy 
to see why many people are calling it “Linux’s next 
killer app.” Look for more articles in upcoming issues. 


Steve Suehring is a systems engineer at CoreComm. He 
can be reached at suehring@dangermen.com. 


Figure Three 


#!/usr/bin/perl -w 

use strict; 
use DBI; 

my $user = "root"; 

my $password = "YOUR_PASSWORD"; 

my $database = "mysql"; 


my $dbh = DBI->connect("dbi:mysql:$database",$user, 
$ password) or die "Cannot connect to database: $1"; 

my $query * $dbh->prepare("SHOW TABLES"); 
$query->execute(); 

while (my $tablename = $query->fetchrow_array) { 
print "Database $database contains a table 
called $tablename\n"; 

} 

$dbh-disconnect; 
exit; 

Here is what the output of this script looks like: 


> perl dbtest 

Database mysql contains a 
Database mysql contains 
Database mysql contains 
Database mysql contains 
Database mysql contains a 
Database mysql contains 
Database mysql contains 
Database mysql contains 


table called columns_priv 
a table called db 
a table called func 
a table called host 
table called tables_priv 
a table called testae 
a table called testad 
a table called user 
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The time one of your Linux web servers goes down. 

The time we spot the problem. 

The time we fix it. 

The time you are peacefully dreaming and not worrying about your hosting. 



MANAGED ■ HOSTING 


rackspace.com 800.961.2888 


Cisco Systems 



redhat. 


Technology 

Partners: 





Linux has made impressive inroads into the conservative enterprise server room in 
the past year. Use of Linux has expanded outward into many companies that have 
traditionally thought of themselves as Windows or Unix shops. With backing from big 
names in the tech industry, and with the continued support of Linux geeks every¬ 
where, Linux is fast becoming a mainstream corporate standard. In fact, Linux has 
become such a dominant force in the Internet server market that even businesses 
without in-house Linux expertise are looking at ways to integrate Linux into their 
Internet infrastructure. 

At the same time, the costs and limitations of hosting a large Web site in-house are 
proving to be impractical for many companies. It can be prohibitively expensive to 
run a T1 or T3 line out to a company campus, even for a large corporation. 
Fortunately, there is an excellent solution available for these needs. In many cases, 
companies with and without in-house Linux expertise are turning to co-location and 
managed hosting facilities to house their servers. 


MANAGED HOSTING OPTIONS 




Managed hosting offers all of the be¬ 
nefits of server co-location, including 
reduced bandwidth costs, guaranteed 
electrical power, physical security, and 
a controlled environment. However, 
managed hosting facilities take all of 
this one step further, providing full 
management and maintenance of the 


server hardware and software. 
Many managed hosting compa¬ 
nies will set up dedicated servers to 
meet your specifications (without re¬ 
quiring you to purchase hardware up¬ 
front) . 

Managed hosting can be particular¬ 
ly attractive to companies that don’t 
have a large internal IT staff to support 
and manage a co-located server or ser¬ 


ver farm. It is also often more difficult 
to establish and enforce a Service Lev¬ 
el Agreement (SLA — which basical¬ 
ly means that you get a guaranteed 
level of service for a fixed amount of 
money per month) with your internal 
IT department than with a managed 
hosting facility that is set up to pro¬ 
vide high uptimes and comprehensive 
management. 
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Managed hosting offers several advan¬ 
tages over traditional server co-loca¬ 
tion. With a managed hosting provid¬ 
er, maintenance of the hardware and 
software is the responsibility of the 
provider. Also, system backups and 
disaster recovery are typically covered 
under the terms of the service. SLAs 
guaranteeing uptimes from 99.9 per¬ 
cent to 99.999 percent (the famous 
“five nines”) can be negotiated if you 
are willing to pay the extra cash for 
such obscene reliability. These are 
major hassles in a typical co-location 
setup. With traditional co-location. 


you are responsible for all 
hardware maintenance 
and may have to handle your own 
system backups and software patch¬ 
ing. Also, the co-location provider is 
only responsible for reliable power 
and network connectivity. Keeping the 
server in working order remains the 
responsibility of the owner (you). This 
is fine if you have the budget and staff 
to handle the upkeep, though still cost¬ 
ly if you have unexpected downtime. 

So, if you are looking for a quick 
and easy way to get up and running 
with a Linux-based server or cluster 
of servers and you don’t want the day- 
to-day hassle of managing your ser¬ 


D0LLhost.com 



Worldwide, most hosting compa¬ 
nies concentrate on the services 
that they provide while relying on 
other established companies to pro¬ 
vide the actual hardware that powers 
those services. They buy servers, in¬ 
stall their own custom software im¬ 
ages, and configure them for custom¬ 
ers. This is true in the shared hosting 
scenarios that a large number of com¬ 
panies offer and with the more busi¬ 
ness-focused managed hosting offer¬ 
ings that have become popular in the 
past few years. 

Dell saw this trend developing and 
expanded their business offerings to 
include a full-fledged hosting arm. 
DellHost uses Dell’s PowerEdge enter¬ 
prise servers to provide customers 
with a wide range of hardware options 
for complete hosting solutions. They 
use Dell PowerApp servers for com¬ 
panies that need a dedicated basic 
Web server machine at a lower cost. 
All of them are running Linux, of 
course. At $199 per month for a ded¬ 
icated box, DellHost offers an excel¬ 
lent price versus performance ratio. 

DellHost offers customers the op¬ 
tion of handling their day-to-day ad¬ 
ministration themselves or having 
DellHost techs do the hardware and 
software maintenance, monitoring, 
and management. For $299, you get 


a PowerEdge 2450 with 866 MHz 
CPU, 128 MB RAM, and 9 GB SCSI 
drive. The server is RAID capable, in 
case you want to add additional dri¬ 
ves. And if your company needs some 
serious performance, stock systems 
as beefy as a Quad Xeon 550 MHz 
with 2 GB of RAM and three 18 GB 
drives in a RAID 5 configuration are 
available. This isn’t bad for $1,249 
per month with a 12-month contract. 

If you’re looking for solid managed 
hosting, a wide range of available 
hardware, and guaranteed uptime for 
a low cost, DellHost is just the ticket. 
While they don’t offer platforms other 
than their own Dell servers, and cen¬ 
ter their services to a large extent on 
standard hosting, their managed hos¬ 
ting offering is among the best. 


E 


Exodus is one of the big boys of site 
hosting, server co-location, massive 
bandwidth, and top tier peering rela¬ 
tionships. Many well-known Web sites 
are hosted on Exodus servers. In fact, 
they’re the provider that VA Linux Sys¬ 
tems uses to host sites in their Open 


vers, read on. We’ll outline some of 
the basic offerings from several ma¬ 
jor providers of managed hosting ser¬ 
vices. This is not an exhaustive list of 
all managed hosting providers. In¬ 
deed, making a truly comprehensive 
list of managed hosting companies 
would be an impossible task, as many 
ISPs and existing co-location facilities 
are getting into the act. 

Also, all of the providers we looked 
at offer multiple platforms (in hard¬ 
ware and operating system) under 
their managed hosting services. We 
concentrated on places that offer some 
type of Linux hosting; no Wintel-only 
providers were considered. 


Source Developers Network. Even that 
company in Redmond uses Exodus for 
hosting Internet and internal servers. 

Exodus provides managed hosting 
for a wide range of hardware and soft¬ 
ware platforms. Customers can rent 
preconfigured servers from a variety 
of vendors, including Sun, Dell, and 
Compaq. With their Managed Moni¬ 
toring Services, a comprehensive man¬ 
aged hosting service can easily be set 
up. Exodus is all about choice and 
they offer various levels of service at 
different prices. 

Exodus manages a worldwide net¬ 
work of Internet Data Centers in North 
America, Europe, and Asia. Through 
this widely dispersed network, vital 
data can be quickly rep¬ 
licated worldwide and 
then served up to end 
users from the near¬ 
est link. This not only 
gives the end 
user the fastest EXODUS 
possible exper¬ 
ience, but it also saves bandwidth by 
serving up information locally. 

While managed hosting isn’t Exo¬ 
dus’ only business focus, they have 
the infrastructure and technical know¬ 
how to do an overall excellent job of 
supporting all sizes of Internet sites. 

Of course, their services are on the 
pricey end. However, you definitely 
get what you pay for. Exodus is a good 
choice for those sites that demand the 
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best in peering relationships and solid 
uptimes — and have a large enough 
budget to afford it. 



If you can ignore the flying pig on the 
main page of their Web site, Hostopia 
might be your managed hosting uto¬ 
pia. Their approach is a bit different 
from the others we looked at. Hosto¬ 
pia is focused on providing services 
to companies that want to be hosting 
providers themselves. In other words, 
you can set yourself up as a full-blown 
hosting provider and have Hostopia 


invisibly do the grunt work. It’ll ap¬ 
pear to your customers that you’re 
providing the hardware and software 
services. 

Hostopia provides a totally out¬ 
sourced Web, e-mail, and e-commerce 
hosting solution. This is perfect for 
ISPs and ASPs who want to expand 
their services to include managed 
hosting for their customers. They of¬ 
fer cross-platform integration in their 
server farms, so customers are able 
to choose between BSD, 

Linux, and Windows 
services. 

Hostopia’s solution 
offers some unique 
advantages. For in¬ 


stance, all administration and config¬ 
uration is done through a customized 
Web interface, both for its direct cus¬ 
tomers and the end users of those 
customers. In addition, as a direct 
customer of Hostopia, you can man¬ 
age your own customers’ sites and 
account information through their 
w3Control Panel. 

Hostopia isn’t for everyone, but if 
you’re an existing ISP or ASP and 
want to easily resell managed hosting 
services without investing in a 
huge server farm, they 
are definitely worth 
a look. On the other 
hand, if you’re sim¬ 
ply an end user or 



COMPANY NAME 

PURCHASE/LEASE 

EQUIPMENT 

BANDWIDTH 

AVAILABILITY 




DellHost 

Purchase/lease 

Excellent 

peering 

Hostopia 

Lease 

Excellent 

peering 

HostPro 

Purchase/lease/ 
customer owned 

Excellent 

peering 

Hurricane 

Purchase/lease/ 

Excellent 

Electric 

customer owned 

peering 

ManageNet 

Purchase/lease/ 
customer owned 

Good peering 

NonStopNet 

Purchase/lease/ 
customer owned 

Excellent 

peering 

RackSpace 

Purchase/lease/ 
customer owned 

Excellent 

peering 

VaiueWeb 

Purchase/lease/ 
customer owned 

Good peering 

Verio 

Purchase/lease/ 
customer owned 

Excellent 

peering 

Exodus 

Purchase/lease/ 
customer owned 

Excellent 

peering 


SERVICES SUPPORTED 

HARDWARE RANGE 

Systems, Hosting, Security 
Networking, Application services 

Dell 

Managed servers, Hosting 

Intel, others 

Systems, Colocation, Hosting, 
Dedicated managed servers, 
Connectivity, Application services 

Intel, SPARC, Cobalt RaQ 

Co-location, Managed hosting 

Intel, SPARC, others 

Managed Web hosting, Database, 
E-mail, Internet access, LAN 

Intel, SPARC, others 

Managed Web hosting, Storage, 
Database, Networking 

Intel, SPARC, others 

Managed Web hosting, Monitoring, 
Networking, Software services, 
Security, Database, Backup 

Intel, SPARC, others 

Dedicated servers, 

Commerce hosting 

Intel, Cobalt, SPARC, others 

System admin, Backup, 

Web hosting, Site design, 

Security, ASP solutions, Security, 
Load balancing 

Intel, SPARC, others 

Systems, Networking, Contend 
distribution/caching, Security, 
Storage, Performance solutions, 
Application services 

Sun, Compaq, Dell, others 
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a small business who only wants bas¬ 
ic managed hosting, Hostopia’s ser¬ 
vices aren’t for you. 



HostPro is the perfect example of a 
diverse hosting provider. They offer 
traditional co-location, dedicated ser¬ 
vers with managed hosting, individ¬ 
ual site hosting, application hosting, 
and even home and business Internet 
access services. This makes them an 
excellent choice for non-technology 
companies looking for one source for 
all of their Web needs. 


HostPro’s wide 
platform support 
and varied servi¬ 
ces makes them 

a great pick for tech companies also. 
They offer dedicated hosting on Lin¬ 
ux, Cobalt RaQ 3 and RaQ 4 servers, 
Windows NT, Windows 2000, and So¬ 
laris platforms. All of these platforms 
can be set up as managed or unman¬ 
aged, allowing companies to pick and 
choose how they want their hosting 
servers set up. 

HostPro offers a comprehensive site 
control panel that allows the custom¬ 
er’s administrator (or others in the or¬ 
ganization) to set up sites, configure 
options, set up e-mail accounts, cus- 


HOSTPRO 


tomize site se¬ 
curity, and view 
_________ site statistics. 

Basically, any¬ 
thing that you would expect an expe¬ 
rienced admin to handle can be done 
by a non-geek through a control pan¬ 
el without command-line tweaking. 
Of course, if command-line tweaking 
is your thing, it’s available too. 

A standard HostPro managed Lin¬ 
ux server (the DH6) comes with a 
650 MHz Pentium III CPU, 256 MB of 
RAM, 9 GB SCSI disk, and 50 GB of 
monthly bandwidth for $1,045 per 
month. This can be scaled up for those 
who need even more horsepower. And 
if you’re looking for the ultimate in 


■■■1 

CLUSTERING 

ROOT 

ACCESS 

SLAs 

PRIMARY AUDIENCE 

PRICE RANGE 

URL 

Linux, Windows 
NT/2000 

Yes 

Yes 

Yes, 99.9% 
uptime 
guarantee 

Large enterprise 
customers, mid-sized 
businesses, Internet 
businesses 

$199 per month for 
basic Linux PowerApp 
server, $299 per month 
for basic Linux 
PowerEdge server 

www.dellhost.com 

Linux, BSD, 
Windows NT/2000 

Yes 

No 

Yes, 

99.99% 

ISPs, ASPs 

$9.99 to $69.99 
per account 

www.hostopia.com 

Linux, Solaris, 
Windows NT/2000 

Yes 

Yes 

Yes, wide 
range 

Small to large 
businesses, individuals 

$1,045 per month 
and up for managed 
Linux servers, 

$495 for unmanaged 

www.hostpro.com 

Linux, Windows 
NT/2000, others 

Yes 

Yes 

Yes 

Small to mid-sized 
businesses, individuals 

Unpublished 

www.he.net 

Linux, Unix, Windows 
NT/2000, Novell 

Yes 

Yes 

Yes 

Small to large 
businesses 

Unpublished 

www.managenet.net 

Linux, Unix, Windows 
NT/2000, others 

Yes 

Yes 

Yes 

Mid-sized to large 
businesses 

Unpublished 

www.nonstopnet.com 

Linux, Unix, Windows 
NT/2000, others 

Yes 

Yes 

Yes, 

99.999% 

Individuals, Small to 
large businesses 

$380.80 for baseline 
Linux server 

www.rackspace.com 

Linux, Unix, Windows 
NT/2000, others 

Yes 

Yes 

Yes 

Individuals, Small to 
mid-sized businesses 

$295 per month for basic 
VA Linux server 

www.valueweb.net 

Linux, Windows 
NT/2000, others 

Yes 

Yes 

Yes, 99.9% 
and up 

Individuals, Small to 
large businesses 

$375 for basic Linux 
dedicated server 

www.verio.com 

Linux, Unix, Windows 
NT/2000, others 

Yes 

Yes 

Yes, 

wide range 

Large enterprise 
customers, mid-sized 
businesses, Internet 
businesses 

Unpublished 

www.exodus.net 
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performance and scalability, HostPro 
also has managed clustering systems. 
A pair of clustered DH6 servers with 
a dedicated back-end storage server 
runs $3,250 per month and ensures 
maximum uptime for mission-critical 
applications. A cluster of four DH6 
servers with a back-end storage server 
is available at $6,050 per month, with 
even higher-end custom options for 
your super-duper, 24/7, no-downtime 
needs. 

HostPro offers a wide range of man¬ 
aged hosting options and services, 
making them a good choice for a wide 
range of users. They have low-end 
servers available for the cost conscious 
and massive, geographically distrib¬ 
uted clustered servers for those with 
the most demanding needs (and large 
budgets). 


the Net, and are on a tight budget. 
Hurricane Electric may be the service 
you need to get started. 

Hurricane Electric’s services are 
geared primarily towards individuals 
and small to mid-sized businesses, al¬ 
though they have the bandwidth and 
peering relationships to support larg¬ 
er businesses. However, if you’re in 
need of high-end servers and rock- 
solid SLAs, a small site like Hurricane 
Electric might not be the best fit. For 
the budget conscious managed host¬ 
ing shopper however, Hurricane Elec¬ 
tric may be just what you’re looking 
for. Now if they could get rid of that 
power shortage in California... 




Hurricane Electric sounds like some 
weird weather research company or 
power generating station. But they are 
a well-known Web hosting provider. 
They’ve made the leap from hosting 
and server co-location into the man¬ 
aged hosting arena, and their ser¬ 
vices match many larger providers. 

Dedicated servers with a gigabit 
backbone make Hurricane Electric a 
good choice for bandwidth-intensive 
customers. They handle all aspects of 
getting your site up and running, from 
ordering and configuring your server 
to taking care of the long-term sys¬ 
tem management. They have spare 
hardware on site in case of hardware 
failures, technicians ready to put out 
fires 24/7, and massive bandwidth to 
keep your site pumping even under 
Slashdoted loads. 

Unfortunately, only their self-service 
Web hosting services are available for 
instant setup from the Web. However, 
if you’re not in a last-minute 
rush to get your site on 



As their name implies, ManageNet is 
a company dedicated to managed 
hosting and services. They offer a 
wide range of managed hosting op¬ 
tions, including managed Web host¬ 
ing, database servers, and managed 
global e-mail services. ManageNet 
also offers Internet access and man¬ 
aged LANs and data centers for com¬ 
panies who want to outsource all of 
their IT resources. 

ManageNet’s local hosting services 
are a unique approach to linking your 
business to the Web. ManageNet will 
connect your existing IT infrastructure 
to key partners, customers, and re¬ 
mote sites, effectively doing managed 
hosting of your internal network as 
well as remote managed Web hosting. 
Of course, you can pick and choose 
how far you want to take your com¬ 
pany’s relationship with ManageNet. 
If you’re looking for standard man¬ 
aged Web and application hosting, 
they can take care of that with ease. 

Hardware and software support is 
broad with ManageNet, including Lin¬ 
ux (of course), many flavors of Unix, 
Windows NT, and even NetWare ser¬ 
vices. They offer a range of pricing 


and service lev- 

HURRICANE ELECTRIC els, which al- 

INTERNET SERVICES lows companies 

to start off with 



basic managed Web hosting services 
and then grow into their more in- 
depth network management and 
back-end hosting. ManageNet also 
offer services without long-term con¬ 
tracts, an appealing option for those 
just starting off on the Web. 

ManageNet isn’t for everyone. If all 
you’ll ever need is basic managed Web 
and e-mail hosting, many of their ca¬ 
pabilities will be lost on you. How¬ 
ever, if you hope to grow your man¬ 
aged hosting relationship into a broad¬ 
er overall IT outsourcing and manage¬ 
ment arrangement, ManageNet may 
be the perfect combination of services 
and costs. 


N0NST0PNET 


NonStopNet is a managed hosting pro¬ 
vider with one goal — redundancy 
at every corner. They offer varying 
ranges of managed hosting, with geo¬ 
graphically distributed data centers 
and a highly scalable infrastructure for 
businesses that need their hosting pro¬ 
vider to grow with them. NonStop¬ 
Net offers managed Web hosting, stor¬ 
age, databases, and even entire man¬ 
aged networks for customers. 

Their service isn’t limited to provid¬ 
ing the managed hosting that your 
company needs. Instead, they work 
with you from the needs analysis stage 
through network design to implemen¬ 
tation. It doesn’t stop there. Part of 
NonStopNet’s service is an ongoing 
relationship in which they help your 
company reevaluate current needs 
and tweak the service accordingly. 

NonStopNet can provide high-per¬ 
formance data storage services for 
your business as well. Replication be¬ 
tween sites ensures availability, and 
managed clustering ensures data in¬ 
tegrity. Of course, these high-end ser¬ 
vices come at a cost, but if your busi- 
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ness depends on 
these mission-cri¬ 
tical services, the 
costs of not having this support can 
be devastating. 

Massive redundancy and high avail¬ 
ability come at a higher overall cost. 
NonStopNet is probably not the best 
choice for small businesses or indivi¬ 
duals who want basic managed host¬ 
ing, although they do provide those 
services. Instead, NonStopNet is a 
better choice for mid-sized to large 
businesses that need high availabili¬ 
ty and plenty of room to grow their 
hosting needs. 



managed servers 
are, etc. 

Once the oper¬ 
ating system is chosen, a number of 
preconfigured options are available. 
Each can be customized. If you 
choose a stock configuration. Rack- 
space can get your site up and run¬ 
ning in an hour! 

Rackspace is a popular choice for 
those just getting started in the man¬ 
aged hosting arena, and for good rea¬ 
son. It’s easy to set up, customizing 
your server is simple, and costs can 
be matched to your budget. If you’re 
looking for an all-around strong man¬ 
aged hosting service and you don’t 
want to spend an arm and a leg to get 
started, you should give Rackspace a 
close look. 


NonStopNet 


When many people think of man¬ 
aged hosting the first company that 
comes to mind is Rackspace. They 
have made a name for themselves by 
allowing the easy and quick setup 
and configuration of a wide range of 
dedicated servers at reasonable prices. 
Rackspace focuses exclusively on the 
managed hosting market, and it 
shows in the way that their site and 
service are set up. 

With Rackspace’s “Price a Server” 
pages, customers can see (and mod¬ 
ify) exactly what they get for their 
money. For example, each server com¬ 
ponent, from CPU speed to operating 
system, can be modified and the price 
can be recalculated for monthly man¬ 
aged hosting. There is no need to pur¬ 
chase your server up front, as its cost 
is already factored into the monthly 
hosting fee. 

The ease with which you can tweak 
server options makes setting up a 
Rackspace server fun. The first op¬ 
tion you choose is your operating sys¬ 
tem. Linux is the first choice in the 
list (of course), but you can choose 
from Solaris, FreeBSD, Cobalt RaQ, or 
even Windows NT/2000. For 
non-technical users, they even ■ 
offer assistance with figuring out 
the basics, such 
as how to pick |^ ( 

an OS, what managed 


VALUEWEB 


ValueWeb is a hybrid — more than a 
co-location facility but less than a 
full managed hosting provider. If you 
are looking for a company that can 
provide dedicated servers, 99.9 per¬ 
cent uptime, and a money back guar¬ 
antee, and are willing to manage your 
Linux server yourself, then ValueWeb 
may be a good option. 

ValueWeb is less expensive than 
many of the other companies we list 
in this article, but their service does 
not extend to the day-to-day manage¬ 
ment of your servers. They provide 
the common shared hosting options 
that many other sites offer and give 
growing or larger companies the op¬ 
tion of having their own dedicated, 
custom-configured server. 

ValueWeb can do more than set up 
a simple server however. They offer 
merchant hosting options that allow 
new Web-based businesses to get up 
and running quickly with a full suite 
of commerce tools. While not as pow¬ 
erful in the long run as a 
imam totally custom server 

j *■■■ that your company must 

design and manage, 
their merchant hosting is 
hosting a perfect choice for those 


who need to get their commerce site 
going without the expense and has¬ 
sle of doing it themselves. 

Value Web’s dedicated servers offer 
enormous variety. They offer Intel- 
branded server hardware, VA Linux 
servers, and even Cobalt RaQ systems. 
ValueWeb has a wide range of hard¬ 
ware configurations that can be cus¬ 
tomized to meet your business’ exact 
needs. If, on the other hand, your 
company 

ValueWeb 

own ser¬ 
vers, Val¬ 
ueWeb will also co-locate your servers 
at their data center. 

This means that you can start with 
shared or merchant hosting and then 
grow into a dedicated server or fully 
customized company-owned solution 
without needing to change providers. 
ValueWeb doesn’t offer the in-depth 
managed hosting of the other sites 
we discuss in this piece, but their co- 
location and dedicated server solu¬ 
tions are worth a look for those that 
don’t need someone managing their 
Linux boxes. 


VERIO 


iwrFiW* jTOihI 

Verio is another big name in Web 
hosting services. They offer dedicat¬ 
ed servers, high bandwidth, rock solid 
facilities, and of course, managed 
hosting of your dedicated servers. 
Similar to HostPro and ManageNet, 
Verio can provide a full range of ser¬ 
vices from basic Internet access for 
your business to managed clusters of 
high-end servers. 

The managed services that Verio 
offers are divided into different cate¬ 
gories. In this way, your company can 
choose which management pieces it 
needs handled by an outside source 
while you can take care of some as¬ 
pects yourself, if you so desire. The 
categories are: system administration, 
backup services, security/firewall ser¬ 
vices, server monitoring services, and 
server load balancing. If you choose 
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to only subscribe 
to some of these 
services you can 
still have help 
with any of the others by simply paying an hourly or 
per-job fee for system administration support. 

Similar to the other facilities we discussed, Verio 
gives you full root access to your servers. They also 
have peering relationships with 15 Internet backbone 
links, ensuring that your site will be accessible even 
in the event of an Internet hub problem. 

Verio is definitely a provider aimed at the business 
community. They offer services to help your site grow 
and prosper, such as Web site promotion services and 
affiliate programs. They can handle the whole range 
of Internet services that your company needs, from 
registering your domain name to propagating your 
storage needs and data between data centers. 

If you’re an individual looking for an easy to set up 
place to host a simple Web page, Verio can do the job 
for as little as $24.95 per month. Of course, if you’re 
in need of managed hosting for a dedicated server, 
you should look to sites like Rackspace or Hostpro. 
Verio’s higher-end services are well designed for 
businesses that need to get their e-business going. 



IWiUHlI 



As many managed hosting companies as there are in 
this article, this list is by no means a comprehensive 
one. Any of these companies can provide basic Lin¬ 
ux-based managed hosting, but the one you should 
choose depends heavily on your budget and needs. 

Large enterprises needing geographical server dis¬ 
tribution and high-availability clustering should look 
to providers such as Exodus, Verio, or NonStopNet for 
their managed hosting. Small and mid-sized busi¬ 
nesses that need a more cost-effective solution, while 
maintaining a high level of service, should consider 
Rackspace, DellHost, HostPro, NonStopNet, Hurricane 
Electric, or ManageNet. ISPs and ASPs who are look¬ 
ing to resell hosting services will find what they need 
with Hostopia, while individuals should consider 
less costly alternatives such as Rackspace’s low-end 
offerings, Hurricane Electric, or HostPro. 

When you’re looking for a managed hosting pro¬ 
vider, the key is to make sure you know exactly what 
you need, what you’re willing to pay, and what your 
future plans are. There are literally hundreds of host¬ 
ing providers out there, and each offers a unique com¬ 
bination of services and features (at a wide range of 
cost); you should choose carefully. 


Kevin Railsback is the west coast technical director for 
the Info World Test Center. He can be reached at kevin_ 
railsback@infoworld. com. 

WWW.LINUK-MAG.COM 












OTG SOFTWARE. TAKING THE WORLD BY STORAGE. 

New for Linux/UNIX system users. 

Infinite storage capacity for critical data. 


OTG Software's DISKxtender™ takes Linux and UNIX systems to a higher 
level of storage performance. That means more enterprise data can be 
stored, accessed and managed more efficiently than ever. You'll have 
access from desktops, intranets, even the Web of business data. Today's 
e-world demands greater performance from your storage capacity. 

For Linux and UNIX users, the solution now includes DISKxtender™. 


INFINITE STORAGE. 

www.otg.com 

T 800 324 4222 World Headquarters 
T 301 897 1400 6701 Democracy Blvd., 8th Floor 

NASDAQ: OTGS Bethesda, MD 20817 


Data Storage and 
Access Solutions for: 

Telecommunications 

Research 

Education 

Health Care 

©Government 

Financial 


ULTIMATE ACCESS. 





users. Third, you get multiple domain hosting for just 
$149.95 a month, with up to 40 domains hosted at no 
additional monthly charge. And finally, HostPro 
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when other users run their own applications. 
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freedom. Call us for more information, or go to 
HostPro.com. And then do anything you want. 


It’s called HostPro Freedom for a reason. For the 
first time ever, HostPro gives you more control than 
servers costing three times as much. We’re the only 
host to offer you four unique features for Unix 
platforms. First, you have complete control over appli¬ 
cations. HostPro Freedom lets you run just about any 
software you want, or even change the Web server. 
Second, customization is no problem, since you’re 
running open source FreeBSD and have access to a 
port library of 4000 tested apps. Unlimited shell 
accounts allow you to create and control multiple 


Introducing FREEDOM. More power for less, for once 
















FREEDOM 200 FREEDOM 300 FREEDOM 400x FREEDOM 500x 

$59.95 $99.95 $149.95 $249.95 

300MB 400MB 500MB IGB 

10GB 20GB 30GB 40GB 

Unlimited Unlimited Unlimited Unlimited 


Price 

Disk Space 
Bandwidth 
Email Accounts 
Shell Access 
Root Access 
FTP/Shell Users 
Multiple Domain Hosting 10 Domains 
Shopping Cart Miva Merchant 

SSL Certificate Yes 

(visit our website for more) 


Try us on for size 




1-800-862-8917 

hastpfe.com - enter code: BIGGUY4 
BIGGUY4@hostpro.com 

© 2001 HostPro 


HOSTPRO 





































PHOTOS © GEORGE FREY 



Lineo's Bryan Sparks Wants Linux to Go Anywhere 


Does Linux really spell the end of proprietary 
embedded operating systems? Lineo CEO 
Bryan Sparks certainly thinks so — and lie's 
doing everything he can to make it happen. 


by Robert McMillan 


When all is said and done, Linux may have the 
greatest impact where it is the hardest to see — in 
the phones and PDAs and routers that, more and 
more, are being powered by the Penguin. One of the 
people at the forefront of the embedded Linux phenome¬ 
non is Bryan Sparks, CEO of Lindon, UT-based Lineo. After 
his Linux company Caldera bought DR-DOS from Novell in 
1996, Sparks began building a new line of business selling soft¬ 
ware and services to the embedded market. Before long, Sparks 
realized that it was Linux and not DR-DOS that held the 
most potential. Two years later, the embedded 
business was spun off from Caldera, and Lin¬ 
eo was born. Lineo filed for an IPO in the 
fall of 2000. Due to unfortunate market 
conditions, they were forced to call it 
off in January 2001. Despite this, when 
Sparks recently sat down to dinner with 
Linux Magazine's Publisher Adam Good¬ 
man and Contributing Editor Robert Mc¬ 
Millan, he was highly optimistic about the 
future of both embedded Linux and his own 


LINUX MAGAZINE: How did Lineo come to be 
spun out of Caldera? 


BRIAN SPARKS: Two years ago we 
weren’t even called Lineo. We were 
running under the awkward name 
“Caldera Thin Clients.” We were 
building these TV set-tops, software 
solutions. We had a browser that 
we were writing just for TV out¬ 
put, and it was not even Linux- 
based. It was DOS-based. At that 
time, there was this guy building a 
DSL router who came to us thinking 
that we would do a DOS-based router 
deal. We said, “You don’t want to do that. 
Tell you what, we’ll help you with Linux.” So we 
did a deal with him and put embedded Linux on his 
device. Then we got approached to put Linux on another 
device by a big device manufacture. We did a flash driver for 
them and that’s when we said, “Gosh, what are we doing? You 
know what? We need to be doing embedded Linux.” So in early 
1999, we started talking to Motorola and a bunch of other ven¬ 
dors. Motorola caught on first and said, “We’re thinking about 
doing Linux,” and they showed interest and helped us define 
what products we should build. So, that’s how we got here. 


company. 


LM: In the last two years, has the embedded Linux mar¬ 
ket matured in ways that surprised you? 

BS: Yes. Two years ago I thought I would find all our 
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success in areas where Linux was 
strong: networking, routing, fire¬ 
walls, gateways, VPN [Virtual Private 
Networks], those kinds of things. The 
big surprise for us has been the de¬ 
mand for Linux for consumer elec¬ 
tronics. It was not what we had antic¬ 
ipated. Linux alone doesn’t have an 
intrinsic GUI for embedded systems. 
You read about X-based applications. 
Well, X doesn’t work on embedded 
devices. It’s a pig no matter how small 
you try to make it. It just doesn’t 
work. However, even without an in¬ 
trinsic GUI, there was still interest for 
Linux in embedded, consumer elec¬ 
tronics that have graphical user inter¬ 
faces, simple as they might be. 


WE DO THINGS THAI MAKE 
THE COMMUNITY IN 
GENERAL SAY, “BOY, 
THOSE ABE WEIRD 
PEOPLE OVER THERE.” 

LM: Why are these consumer elec¬ 
tronics developers interested in Linux? 

BS: I think it’s because we offer a 
richer technology base and a richer 
technology roadmap than the tradi¬ 
tional RTOS [Real Time Operating Sys¬ 
tem] vendors offer. It’s not that it’s 
open source, though that’s interest¬ 
ing too because it gives the OEM (Or¬ 
iginal Equipment Manufacturer) a lit¬ 
tle more freedom than they would 
have if they were tied to someone like 
Wind River, who charges them for 
fixes to bugs that they find. 

Certainly cost is involved, because 
Linux is perceived to be cheaper and 
indeed is. But I really think that it’s a 
richer technology roadmap. I can do 
more, faster than an RTOS vendor, 
sometimes on an order of magnitude. 
We matched VxWorks’ [Wind River’s 
embedded operating system] function¬ 
ality in our first release of Embeddix 


[Lineo’s embedded Linux distribu¬ 
tion] . With our second release — man, 
we’re way ahead. I mean, we’re doing 
stuff I think they’re just now starting 
to talk about. 

LM: Is that because there is a com¬ 
munity of developers that are contri¬ 
buting to the same core technology? 

BS: Of course — and there’s my abil¬ 
ity to attract quality engineers and 
make them effective and productive 
sooner. 

LM: So what is the difference be¬ 
tween you and the other embedded 
Linux vendors? For example, you 
seem to approach real-time Linux in 
a different fashion from MontaVista. 

BS: In order to provide hard real-time 
guaranteed determinism, there are 
several things we have to do. If you’re 
an application on Red Hat and you 
want hard real time on Red Hat 6.2, 
you can’t get that, because you are at 
the whim of the scheduler that sched¬ 
ules you. You can be a high-priority 
task, but if there are five other high- 
priority tasks, you’re dead. So, we’ve 
had to introduce a layer of determin¬ 
ism that architecturally sits under¬ 
neath the Linux kernel. Computer sci¬ 
ence academics call it an executive. 
It’s a real-time executive that runs 
Linux as a task. 

LM: Like a microkernel? 

BS: Like a microkernel, yes. But, you 
see microkernels — Mach or Chorus 
or some of the others — those were 
micro only on paper. In actual imple¬ 
mentation they were macro. Man, 
they were huge! Mach was just mas¬ 
sive. And with Mach and Chorus you 
ran operating system personalities on 
top. We’re not that full featured but 
we do have this little layer under¬ 
neath, this run-time executive. And 
it’s not an OS; we don’t provide all 
those services. We expose an API and 
we have a whole developer kit that al¬ 
lows tasks to register their desire for 


real-time services. That’s how we do 
it. That’s hard real time. We also do 
soft real time, which is really just 
having high priority tasks. That’s 
what Monte Vista does. Monte Vista 
went in and modified the Linux sched¬ 
uler. We did the same thing to essen¬ 
tially create a higher priority granu¬ 
larity in the scheduler. 

LM: It seems like there are a variety 
of different forks of the embedded Lin¬ 
ux kernel out there. 

BS: What we don’t want is... OK, we 
splintered Linux but not on purpose. 
We basically put Linux on devices 
that the community doesn’t have mo¬ 
mentum on — like an ARM chip. The 
community, in general, has made no 
effort to put Linux on the ARM chip. 
In that sense we’re kind of a deriva¬ 
tive. We don’t mean to be. We try to 
give back but we’re not normally 
picked up by the community because, 
again, there’s just not a lot of inter¬ 
est. So in some areas we do branch. 
In the real-time space we’re probably 
branching a bit too because, in gen¬ 
eral, the community doesn’t really 
care. 

LM: I’ve wondered about this. Every¬ 
one talks about the embedded mar¬ 
ket as an important space for Linux, 
but I’m not sure it really means any¬ 
thing to the community running 
Linux on their desktops and servers. 
Do you think it will? 

BS: I don’t know if it will or not. You 
think of the Linux community as a 
great big mass of people, right? So 
they all congregate around what the 
mass feels is interesting. Servers are 
interesting. For example, with Linux 
2.4 there’s a great big push for a bet¬ 
ter SMP. Those kinds of things don’t 
really play in the embedded space. 
We play on ARM chips and Hitachi 
chips — things that are not interest¬ 
ing to the community at large. You 
can’t buy a Hitachi-based PC. So I’m 
not sure there really is a connection 
to the community. 
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LAA: Are you saying you don’t really 
feel connected to the Linus Torvalds 
and Alan Coxes of the world? 

BS: Oh, we do. We make changes and 
all of that. However, we do things 
that make the community in general 
go, “Boy, those are weird people over 
there.” 

LAA: Do you think that it’s inevitable 
that there will be many kernel forks 
with all these weird changes? 

BS: We move to some different — I 
don’t want to say weird, but certain¬ 
ly divergent from the community — 
platforms. I’ll give you a concrete ex¬ 
ample. We run on devices that have 
chips that don’t have an onboard 
hardware MMU [Memory Manage¬ 
ment Unit]. So there isn’t an MMU, 
and so you have to modify the Linux 
kernel, which makes substantial use 
of hardware MMUs. For example, the 
exec system call is copy on write; 
that’s an MMU function. We have to 
write our own exec for MMU-less 
chips. That’s a fork. 

LAA: So do you have to consciously 
find ways to work with other embed¬ 
ded Linux vendors to minimize fork¬ 
ing and try to get the most out of the 
work that you’re all doing? 

BS: Well, you know what? That was 
the original intent of the Embedded 
Linux Consortium. Perhaps we did 
that wrong, but that was what we 
wanted to accomplish. It’s not going 
to do that unfortunately. 

LiUI: Why not? 

BS: I mean, Wind River is a member. 
They don’t even talk Linux anymore. 

I don’t even know what they are do¬ 
ing. The notion was, “Let’s create con¬ 
ventions since we’re in virgin territo¬ 
ry for the Linux community.” One ob¬ 
vious thing is how to launch apps on 
embedded devices that don’t have 
command-line prompts? Let’s just 
come up with a convention. Nobody 



gets a competitive advantage out of it. 
Let’s just come up with one we all 
agree on. That was what I wanted 
from the Embedded Linux Consorti¬ 
um. It didn’t do that. It quickly turned 
into, “Well, I want my time,” and, 
“Oh, we should be marketing,” and 
...oh man! 

So now we’re just kind of doing our 
own thing. I think we’d all agree that 
nobody sees a competitive advantage 
in the way we launch applications. 


LiUI: Is the name Linux going to real¬ 
ly mean anything in the long run if 
you guys have all these little forks and 
your competitors do things in differ¬ 
ent ways? 


BS: It may not matter. Do we care if 
it’s Linux? Well yeah, I don’t want to 
shoot myself in the foot. My biggest 
differentiation right now is that I’m 
Linux. Linux is a means to an end for 
us, so it would be silly to drop Linux 
and do BSD. However, we are not a 
company that believes everything we 
build must be open source. 

We don’t challenge the GPL. In fact, 
we’re working with the Free Software 
Foundation to actually define it a lit¬ 
tle better — but we’re going to add 
proprietary value and we think we 
should get paid for our value-add. If 
you don’t want it, that’s fine. Build it 
yourself. That’s capitalism in its pur¬ 
est sense. 

So it’s not that we’re just forking 
Linux. I don’t want you to get the 
impression that we are. We’re just tak¬ 
ing Linux into areas that the commu¬ 
nity in general isn’t going into. I don’t 
call that a fork. You might, but we 
don’t really care if the community 
picks up the things we add because 
we’re not publishing source to them. 


LAA: Then why did you choose Linux? 


BS: The paradigm shift — If I’d done 
just another RTOS, I would have had 
no chance of knocking Wind River out. 


LAA: So you’re riding the momentum 
essentially? 
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BS: Well, we’re riding the momentum and taking 
advantage of the inherent qualities that differentiate 
us from our largest competitors. How do you take 
your competitor’s greatest strength and turn it into 
his weakness? You can’t change his strength. 

Wind River’s strength is VxWorks. They can’t just 
swap that out, because $400 million a year in revenue 
would simply disappear. So you ask, “How can we 
take that out?” Well, you know what? We commodi¬ 
tize it. Wind River talks about raising per-unit value 
in time; they tell their investors that. I say we’re here 
to commoditize system software for embedded devices. 
That hurts them and gives me opportunity. 

I can do exactly the same stuff — technology road¬ 
map, feature set — with less resource leveraging, and 
then move faster and charge less for it. That’s a para¬ 
digm shift. 

LM: What do you think of your competitors who are 
responding by embracing Linux and putting Linux 
APIs on top of their own operating systems? 

BS: Well, I’m just sitting in my little office at work 
going, “Boy, if I was my competitor, what would I do 
now?” It’s a logical thing to do. But that doesn’t help 
them really. It doesn’t enrich their roadmap. They are 
just following at that point. The more they wait the 
harder it gets, because the more brand value we cre¬ 
ate the more customer relationships we establish. 

LM: What exactly are you making your money from 
right now? 

BS: We sell tools. 

LM: Is that where you make the bulk of your revenue? 

BS: At this stage, we make the bulk of our money in 
services. But all of them have to do with product 
sales, so we still have many design wins. We’re early in 
our company. We have a lot of design starts. Until 
those products actually ship and we start seeing re¬ 
siduals, we’ll fill out our revenue stream with “hand 
holding.” So we have three ways to make money: real 
product that we charge for — per unit — sometimes 
for our value add, tools, and professional services. 

We’re not a job shop. We do professional services 
as it relates to a product sale. If somebody comes to 
us and says, “The only thing I want is for you to help 
me do this with that Linux device; I’ll never see you 
again,” we’ll say, “Go do it yourself. Good luck. You’ll 
be back.” 


Robert McMillan is a contributing editor with Linux 
Magazine. He can be reached at bob@linux-mag.com. 
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You've heard the old saying, "If you can't beat 'em, join 'em." Well, if 
Microsoft were to adopt a corporate motto, it might be something 
more like, "If you can't beat 'em, embrace and extend 'em." Seriously, 
Microsoft knows when it's fighting an uphill battle on a technical front. 
When it's clear that a Microsoft-fostered initiative will not take over the 
world, they eventually adopt the dominant standard. Sort of... 


With Windows 2000, Microsoft finally did away with WINS (Windows 
Internet Naming Service, Microsoft's proprietary NETBIOS naming ser¬ 
vice) and began using the Domain Name System (DNS), the Internet's 
standard naming service. This seems like good news for those who run 
(or aspire to run) pure, simple, IP-based networks. However, Windows 2000 
was written to work best with (guess what?) the Microsoft DNS Server. 


Historically though, BIND, the Berkeley Internet Name Domain soft¬ 
ware, has been the most popular implementation of DNS. And while it's 
certainly possible to support a Windows 2000 environment using a tradi¬ 
tional BIND name server, it requires some special configuration. In this 
article, well explore a number of configuration options and gain a thor¬ 
ough understanding of how to accommodate Windows 2000 with BIND. 

First though, let's examine how Windows 2000 uses DNS. 


Before we proceed, one quick note — for the purposes of this article, we 
assume that you are familiar with the inner workings of traditional 
BIND name servers. If you're not, please check out the article Using 
DNS in the September 2000 issue of Linux Magazine. You can find it on 

the Web at http://wwwiinux-mag.com/2000-09/dns_0ihtml. 

by Cricket Liu 


How Windows 2000 

Uses DNS 

1 _ 

Back in the bad, old days of WINS, 
Windows clients “registered” their 
current NETBIOS name-to-address 
mappings with WINS servers when 
they were assigned IP addresses via 
DHCP (Dynamic Host Configuration 
Protocol). NETBIOS names were al¬ 
located out of a flat name space, and 
all WINS servers on an organization's 
network were supposed to have com¬ 
plete, synchronized copies of this 
name space. If a Windows client reg¬ 
istered with one WINS server, that 
WINS server would tell all of its “re¬ 
plication partner” WINS servers about 
that client's name-to-address map¬ 
ping. These partners would, in turn, 
tell their partners, and so on. This 
made WINS servers very chatty. This 
relatively unsophisticated synchro¬ 
nization mechanism could also leave 
inconsistencies among WINS servers. 
In addition, the use of a flat name 
space for NETBIOS names could result 


























Using BIND 
Name Servers with 
Windows 2000 


in naming conflicts between WINS 
servers. 

Now DNS provides a feature, de¬ 
scribed in RFC 2136 (http://www.ietf. 
org/rfc/rfc213 6. txt) , called dynamic 
update. Dynamic update allows an 
authorized updater to modify the con¬ 
tents of a zone on the zone’s primary 
master name server. The updater can 
add or delete records from the zone 
and can make those operations con¬ 
tingent upon certain conditions, like 
the existence or non-existence of a 
particular domain name or record. 

Why didn’t Microsoft simply use 
DNS’s dynamic update mechanism to 
handle registration, obviating the need 
for a separate, largely redundant nam¬ 
ing service? Well, WINS was devel¬ 
oped well before the advent of dy¬ 
namic update. 

Windows 2000 
Clients 

Nowadays, both Windows 2000 cli¬ 
ents and servers use DNS. A Windows 


2000 client with a static IP address re¬ 
gisters its name-to-address and ad- 
dress-to-name mappings by sending 
dynamic updates. One update adds 
the client’s address (a) record and an¬ 
other adds the client’s pointer (ptr) 
record. For example, a client called 
host .a. example with the address 
10.0.0.1 would send updates to 
add the two records, as illustrated in 
Figure One. 

The first of these records maps 
host. a. example’s domain name to 
the address 10.0.0.1. The second 
maps the address 10.0.0.1 to the 
domain name ho s t. a. examp 1 e. 
Both records are necessary to ensure 
correct forward- and reverse-mapping. 

A Windows 2000 client with a dy¬ 
namic IP address (running DHCP) also 
registers its name-to-address mapping, 
but by default its DHCP server reg¬ 
isters the client’s address-to-name 
mapping. In other words, the DHCP 

host.a.example. IN 

1.0.0.10.in-addr.arpa. IN 


client sends the update to add the A 
record, while its DHCP server sends 
the update to add the appropriate PTR 
record. 

An administrator can also config¬ 
ure the DHCP server to handle send¬ 
ing all dynamic updates. This is meant 
for use with DHCP clients that lack 
the ability to update their own name- 
to-address mappings but works with 
Windows 2000 DHCP clients also. 
The server sets a special DHCP option 
that tells the client, “Just relax — I’ll 
do all the work.” Then the DHCP 
server sends the updates to add the A 
and PTR records. 

Windows 2000 clients set dynamic 
update prerequisites when adding A 
records. Prerequisites allow an updat¬ 
er to specify conditions that must hold 
before the update is applied. For in¬ 
stance, the updater could specify that 
the A record for host.a.example 
that was shown earlier 
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Figure Two 
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should be added only if the domain 
name host. a. example doesn’t 
already have an A record associated 
with it, or only if the domain name 
host .a. example doesn’t already 
exist. In fact, this is very similar to 
the prerequisites actually specified 
by Windows 2000 clients, which are: 

1. The domain name of the client 
must not already own an address 
record. 

2. The domain name of the client 
must not be an alias. 

What happens when a Windows 
2000 client’s update is denied because 
a prerequisite isn’t satisfied? Well, if 
there’s a conflicting A record, the cli¬ 
ent deletes the offending record and 
tries again. Why? Well, the A record 
could be an old record that the client 
added, and didn’t later delete, when 
it had a different name-to-address 
mapping. 

Windows 2000 

omain Controllers 

Windows 2000 Domain Controllers 
use DNS too, but for a different rea¬ 
son. Domain Controllers send dynam¬ 


ic updates to add SRV records that 
advertise where (on which host and 
port) various services are available. 
This way, when a Windows 2000 cli¬ 
ent needs to reach the Kerberos serv¬ 
er for its domain, it can simply look 
up the right SRV record. 

SRV records, in case you’re not fa¬ 
miliar with them, have a fairly com¬ 
plicated syntax, especially when com¬ 
pared to the more common A and 
PTR records. First, the owner name 
in an SRV record isn’t just any old do¬ 
main name; it has a special format: 

_service. ..protocol. domain name 

service is the name of a network 
service, as might appear in the /etc/ 
services file, like telnet, protocol is 
the name of a transport protocol, usu¬ 
ally udp or tcp. Both the service and 
the protocol identifiers follow an un¬ 
derscore, which is used to avoid col¬ 
lisions between domain names that 
own SRV records and domain names 
that represent hosts. 

All SRV records are attached to do¬ 
main names in this format. They then 
apply to clients of the named service 
running over the specified transport 
protocol. So, the hypothetical domain 
name _http._tcp.verisign.com 
applies to HTTP clients (e.g., Web 
browsers) running over TCP and try¬ 


ing to access the 
destination domain 
name verisign.com. 

Each SRV record 
has four record-spe¬ 
cific fields: priori¬ 
ty , weight , port , and target Priority , 
weight and port are all unsigned, 16- 
bit integers, while target is a domain 
name. Figure Two contains a few sam¬ 
ple SRV records. 

Let’s take Figure Two apart, field-by- 
field: 

> Priority functions similarly to the 
preference field in an MX (Mail Ex¬ 
change) record; if a client finds that 
multiple SRV records apply to a des¬ 
tination that it’s accessing, it must use 
the SRV records in the order specified 
by the records’ priority fields, lowest 
priority value first. So a Web browser 
that is retrieving these SRV records 
would first try to contact www.movie. 
edu before trying wwwl.movie.edu 
and www2.movie.edu. 

> The weight field is used for load 
distribution; if a client finds multiple 
SRV records with the same priority, it 
must use the corresponding targets 
in proportion to their weights. So a 
Web browser that isn’t able to contact 
www.movie.edu would then have to 
choose randomly between wwwl. 
movie.edu and www2.movie.edu. The 
client would choose wwwl.movie, 
edu first 50 percent of the time and 
www2.movie.edu first the other 50 
percent of the time. 



$ORIGIN fx.movie.edu. 

@ 

_kerberos ._tcp. dc ._msdcs 
_ldap._tcp.dc, jmsdcs 

_ldap .__tcp. e4377 09a-1862- lld3 - 8eda - 00400536c213. domains.jmsdcs 
e4377099 -1862 -lld3-8eda-00400536c213.jmsdcs 
gc. jmsdcs 

:„ldap. _tcp. gc. jmsdcs 
_ldap. _tcp. pdc. jmsdcs 
_gc._tcp 
_kerberos._tcp 
_kpasswd._tcp 
_ldap jtcp 
_kerberos._udp 
_kpas swd._udp 


Figure Three 
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> The port field simply tells the 
client which port the service is run¬ 
ning on. HTTP, of course, normally 
runs on port 80. www2.movie.edu, 
however, runs its Web server on the 
non-standard port 8080, so an SRV- 
aware Web browser would try that 
port instead. 

> Finally, the target field simply tells 
the client the domain name of a host 
running the service. The priority, 
weight, and port information in an 
SRV record only apply to the target 
specified in that record. 

Windows 2000 Domain Controllers 
add a sheaf of SRV records when you 
set them up. Figure Three contains a 
list of the records our Domain Con¬ 
troller added to our zone shortly after 
we set it up. 

Most of the records in Figure Three 
make sense if you know that a Do¬ 
main Controller is basically a combo 
Kerberos/LDAP server; _kerberos, 
_ldap, and _kpasswd are all ser¬ 
vices that are related to these func¬ 
tions. _gc is Active Directory’s Glo¬ 
bal Catalog service, which is used to 
find out which Active Directory serv¬ 
er has information about a particular 
object. 

You should also notice that two of 
the records aren’t SRV records at all — 
they’re A records. One is attached to 
the domain name of the zone (“@” is 
shorthand for “the current origin,” 
which is fx.movie.edu, the domain 
name of our zone). Another record is 
attached to the domain name gc._ 
msdcs . f x.movie. edu. However, 
all of the records — not just the SRV 
records — point to either the domain 
name or the IP address of our Domain 
Controller, matrix.fx.movie.edu. 




| BIND Solutions 



There are several ways to configure 
BIND to satisfy all of Windows 2000’s 
requirements. Not one is perfect. We’ll 
examine these solutions and point out 
the advantages and disadvantages of 
each. 


Letting Each Windows 2000 
Client Send Updates 

By default, each Windows 2000 cli¬ 
ent will try to update its own name- 
to-address mapping. If you want to 
permit these updates, simply allow 
dynamic updates to your forward¬ 
mapping zone (the zone that contains 
your hosts’ A records) from any IP 
address that a Windows 2000 client 
might have. 


edu. Consequently, we don’t recom¬ 
mend this. 

Letting the DHCP Server 
Send All Updates 

A somewhat saner approach is to 
configure the DHCP server to handle 
updating both a client’s name-to-ad- 
dress and its address-to-name map¬ 
pings. You can configure this through 
the DHCP Manager. 


There are several ways to configure BIND to satisfy all of 
Windows 2000's requirements. Not one is perfect; you 
should weigh the advantages and disadvantages of each. 


First, define an access control list 
in the name server’s named, conf file. 
This ACL will correspond to the IP 
addresses of all of our DHCP clients 
and will let us refer to them by the 
name “dhcp-clients” (rather than 
having to specify their addresses). You 
can do this as follows: 

[ acl J|thcp- clients" { 
192.253.254/24; 

5; 

Now that we’ve defined the ACL, 
we can refer to it elsewhere in the 
named, conf file. To restrict dynamic 
update to a zone, we use the name of 
the ACL in an allow-update sub¬ 
statement: 

zone "fx.movie.edu" { 
type master; 
file "db.fx.movie.edu"; 
allow-update { "dhcp- 
clients"; }; 

HI . : 

Does allowing dynamic updates 
from any DHCP client sound scary? 

It is. 

A user on any computer with 
one of those IP addresses could 
make just about any change to 
your forward-mapping zone. All 
he would have to do is load the 
appropriate software and he could 
make www.fx.movie.edu an alias 
for www.whitehouse.com. Or, he 
could just delete all of fx.movie. 


Since you now know that all dy¬ 
namic updates will come from your 
DHCP server’s IP address, you can eas¬ 
ily restrict dynamic updates to just 
that IP address, as illustrated in Fig¬ 
ure Four. 

Note that we also let the DHCP ser¬ 
ver update our reverse-mapping zone, 
254.253.192.in-addr.arpa. 

What’s wrong with this? Well, one 
problem is that the DHCP server sim¬ 
ply believes a client when it specifies 
its fully qualified domain name. In 
other words, if you configure your 
Windows 2000 client with the domain 
name www.fx.movie.edu, the DHCP 
server will delete any conflicting ad¬ 
dress record at that domain name and 
add a record pointing www.fx.movie. 
edu to your client’s IP address. This 
is no good. 

^, , Figure Four 

acl "dhcp-server" { 
192.253.254.2; 

i ; V' ■ 

zone "fx.movie.edu" { 
type master; 
fi1e "db.fx.movie.edu"; 
allow-update { "dhcp-server"; }; 

r 

zone "254.253.192.in-addr.arpa" { 
type master; 
file "db.192.253.254"; 
allow-update { "dhcp-server"; }; 
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Figure Five 


acl "dhcp-clients" { 

192.253.254/24; 

} I 

acl "dhcp-server" { 

192.253.254.2; 

} ? 

zone "fx.movie.edu" { 

type master; 
file "db.fx.movie.edu"; 

} ; 

zone "dhcp.fx.movie.edu" { 

type master; 

file "db.dhcp.fx.movie.edu"; 
allow-update { "dhcp-clients"; } ; 

}; 

zone "254.253.192.in-addr.arpa" { 
type master; 
file "db.192.253.254"; 
allow-update { "dhcp-server" 

} ; 


that zone from any Win¬ 
dows 2000 client, as illus¬ 
trated in Figure Five. 

Note that we still need 
to let our DHCP server up¬ 
date our reverse-mapping 
zone. If we have clients 
with static addresses, they 
will update their own PTR 
records. We should in¬ 
clude them in the access 
control list for the reverse¬ 
mapping zone. 

We’ve effectively creat¬ 
ed a little sandbox (or asy¬ 
lum, if you prefer) for our 
Windows 2000 clients. 
They can trash it if they 
want — deleting each oth¬ 
er’s address records, for 
example — but they won’t 
interfere with records in 
our main forward-map- 
ping zone, fx.movie.edu. 

Letting Only the Domain 
Controller Update the Zone 

Now we’ve got to take 
care of the Domain Con¬ 
troller. The DC, you’ll 
remember, will try to 
add all sorts of SRV re¬ 
cords (and a couple of 
A records) to our for¬ 
ward-mapping zone. We 
could just let it update 
the zone. This is less 
problematic than let¬ 
ting some random Win¬ 
dows 2000 client update 
the zone, since we have 
complete control of the 
Domain Controller. If we 
choose to go that route, 
we simply allow updates 
from the Domain Con¬ 
troller’s IP address to our 
main forward-mapping 
zone, as illustrated in 
Figure Six. 

We’re fairly safe as 
long as we don’t allow 
anyone to send arbitrary 
dynamic updates from 
the Domain Controller to 
our name server. 


Creating Special SEW Uuhmmms 
What if you’re skeptical of your Do¬ 
main Controller’s security? Or what 
if you don’t trust the dynamic update 
code in Windows 2000 not to trash 
your main forward-mapping zone? 
Well, you can certainly take advan¬ 
tage of the funny format of the owner 
names in those SRV records and cre¬ 
ate subzones for all of those records 
to live in. 

Remember that, generally, SRV re¬ 
cords have the form: 

_service. _protocol. domain name 

The protocol for most services is eith¬ 
er udp or tcp. Microsoft also uses the 
pseudo-protocols msdcs and sites. 
So we’ll just create subzones called 
_udp. fx.movie. edu, _tcp. fx. 
movie.edu, _msdcs.fx.movie. 
edu and _sites.fx.movie.edu. 
However, we’ll have to take one spe¬ 
cial precaution — because the A re¬ 
cord that the Domain Controller wants 
to add to the _msdcs.fx.movie, 
edu zone would other- 


, v vi y : ' } 

acl "dhcp-clients" { 

192.253.254/24; 

} ; 

acl "dhcp-server" { 

192.253.254.2; 

} ; 

acl "domain-controller" { 

192.253.254.3; 

} ; 

zone "fx.movie.edu" { 
type master; 
file "db.fx.movie.edu"; 
allow-update { "domain-controller"; }; 

} ; 

zone "dhcp.fx.movie.edu" { 
type master; 

file "db.dhcp.fx.movie.edu"; 
allow-update { "dhcp-clients"; }; 

} ; 

zone "254.253.192.in-addr.arpa" { 
type master; 
file "db.192.253.254"; 
allow-update { "dhcp-server"; }; 

} ; 


Isolate Windows 2000 Clients 

For maximum protection you can iso¬ 
late your clients in their own zone. 
By default, Windows 2000 assumes 
that the domain name of your clients’ 
forward-mapping zone is the same 
as the name of the Windows 2000 do¬ 
main that they belong to. However, 
Windows 2000 will also allow you 
to specify the domain name of the 
zone independently. 

The easiest way to do this is by 
right-clicking on My Computer and 
choosing Properties. Next, choose the 
Network Identification tab and click 
the Properties button. On the Identi¬ 
fication Changes window, click the 
More... button. Now fill in the domain 
name of the new forward-mapping 
zone in the field labeled Primary DNS 
suffix of this computer. This doesn’t 
have to be the same as the name of 
the Windows 2000 domain. 

Let’s say we create a new subzone 
of our main forward-mapping zone 
just for Windows 2000 clients. We’ll 
call it dhcp.fx.movie.edu (though we 
could certainly configure statically ad¬ 
dressed clients to register in it too). 
We would configure our BIND name 
servers to accept dynamic updates to 
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Figure. Seven 


wise be illegal, we’ve got to turn off 
name checking for that zone. (Do¬ 
main names that own A records are 
potentially hostnames. Therefore, they 
must follow Internet hostname syn¬ 
tax, which doesn’t allow the use of 
underscores.) This would look like 
Figure Seven. 


main names and records 
in a zone a particular 
TSIG key has authority 
to update. This would 
make our solution much 
simpler. 

To whet your appe¬ 
tite for GSS-TSIG sup- 


We will have to be satisfied with the solutions we 
have, inelegant as they are. At least we can use 
BIND to service a Windows 2000 environment. 


This is a nice, safe configuration, 
because we can deny all dynamic up¬ 
dates to our main forward-mapping 
zone. 


GSS-TSIG 


How does Microsoft avoid this mess? 
They use “Secure Dynamic Updates,” 
which carry with them the identity 
of the updater. The Microsoft DNS 
Server can then make sure, for exam¬ 
ple, that only the DHCP client that 
added a given A record can later 
delete it and add another A record to 
that domain name. 

Microsoft’s “Secure Dynamic Up¬ 
dates” are really just standard dynam¬ 
ic updates with transaction signatures 
(TSIGs), as specified in RFC 2845 
(http:// www.ietf.org/rfc/rfc2845.txt). 
Unfortunately, the particular dialect 
of TSIG that Windows 2000 clients 
and name servers speak, GSS-TSIG, is 
not presently spoken by any other 
name servers. 

By the way, the “GSS” in “GSS- 
TSIG” is the same “GSS” in “GSSAPI,” 
the Generic Security Service API. 
GSSAPI is an IETF standard API that 
provides a uniform, high-level API to 
security services like authentication 
and confidentiality. 

That may change with a future 
version of BIND 9. BIND 9 is sched¬ 
uled to support GSS-TSIG in a future 
release. Once it does, you’ll be able 
to use BIND 9’s new update-policy 
mechanism to determine which do- 


acl "dhcp-clients" { 

192.253.254/24; 

}; 

acl "dhcp- server" { 

192.253.254.2; 

}; 

acl "domain-controller" { 
192.253.254.3; 

} ; 

zone "fx.movie.edu" { 
type master; 
file "db.fx.movie.edu"; 


} 


zone "_udp.fx.movie.edu" { 
type master; 

file "db._udp.fx. movie.edu"; 
allow-update { "domain-controller"; 


} 


zone "_tcp.fx.movie.edu" { 
type master; 

file "db ._tcp. fx. movie. edu" ; 
allow-update { "domain-controller"; 


} 


zone "_msdcs.fx.movie.edu" { 
type master; 

file "db._msdcs.fx.movie.edu"; 
allow-update { "domain-controller"; 
check- names warn ; 


I 


zone "_sites.fx.movie.edu" { 
type master; 

file "db_sites.fx.movie.edu"; 
allow-update { "domain-controller" 


i 


port in BIND, Figure 
Eight illustrates a con¬ 
figuration that would 
ensure that only the 
Domain Controller could 
update the SRV records 
in the zone and that 
DHCP clients could only 
update those address re¬ 
cords that are attached 
to their own domain 
names. 

For now though, we 
will have to be satisfied 
with the solutions that 
we have, inelegant as 
they may be. What’s im¬ 
portant, however, is that 
you can safely use BIND 
to service a Windows 
2000 environment. 

Cricket Liu is the Direc¬ 
tor of DNS Product De¬ 
velopment for VeriSign 
Global Registry Services 
and is author of DNS 
and BIND. Cricket can 
be reached at cricket@ 
verisign.com. 

Figure Eight 

zone "fx.movie.edu" 
type master; 
fi1e "db.fx.movie.edu"; 
update-policy { 

grant *.fx.movie.edu. self *.fx.movie.edu. A; 
grant matrixvfx.movie.edu. subdomain fx.movie.edu. 

} ; 

} ; 


}; 


}; 


}; 


; }; 


zone "dhcp.fx.movie.edu" { 
type master; 

file "db.dhcp.fx.movie.edu"; 
allow-update { "dhcp-clients"j 


} 


zone "254.253.192.in-addr.arpa" 
type master; 
file "db.192.253.254"; 
allow-update { "dhcp-server"; 


} 


{ 


SRV; 
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The rc Script 


in the Beginning - Part II 

By JEleen Frisch 


I ast month, we looked at the events 
that transpire when you boot up a 
Linux system, from the kernel be- 
i ing loaded to the init process get- 
I ting started. This month we turn 
our attention to actions that follow 
init’s startup — the actions performed 
by the boot scripts that actually take 
care of all the tasks necessary to make 
the system ready for users. 

We will begin with the system’s ini¬ 
tial boot script (as would be specified 
in the bootwait inittab entry), called 
rc.sysinit (Red Hat) or boot (SuSE). 
The script is responsible for the fun¬ 
damental and essential tasks that com¬ 
prise a successful boot process; it must 
execute successfully before the sys¬ 
tem can accept any user logins. The 
tasks performed by this script include 
(in a typical order): 

> Mounting the /proc filesystem 

> Starting the kernel daemon, kemeld, 
which dynamically loads kernel 
modules 

> Initializing RAID devices and LVM- 
related entities 

> Running fsck on any filesystems to 
be checked 

> Loading required kernel modules 

> Mounting all filesystems 

> Initializing basic network devices, 
which would include support for re¬ 
mote booting 

> Preparing several other fundamen¬ 
tal devices and facilities 


> Performing various cleanup activi¬ 
ties; these would include removing 
old lock files, some temporary files, 
lingering configuration items that 
are no longer needed (e.g., /etc/ 
nologin ), and performing other si¬ 
milar tasks 

The SuSE version of this file con¬ 
tains a hook that enables a system 
administrator to add items to the pro¬ 
cess. The relevant commands are to be 
placed in the file boot.local and will 
be executed near the end of the main 
initial boot script. 


Once the initial boot script has fin¬ 
ished, the boot process generally con¬ 
tinues by executing the main boot 
script, rc, which is called with the new 
run level as its argument. The script 
functions as the overseer for the rest 
of the boot process; as such, it per¬ 
forms few actions directly itself, but 
rather relies on a series of other, spe¬ 
cialized scripts to do each job that 
needs to be done. An idealized and 
simplified version of the rc script (de¬ 
rived from one on a Red Hat system) 
is given in Listing One. 


Listing One: An idealized rc Script 

#! /bin/bash 

. /etc/rc.d/init.d/functions 

[ "$1" ! = "" ] && runlevel="$l" 

if [ -d /etc/rc.d/rc$runlevel.d ]; then 

# First, run the KILL scripts. 

for i in /etc/rc.d/rc-$runlevel.d/K*; do 

# Check if the script is there. 

[ ! -f $i ] ScSc continue 

# Check if the subsystem is already up. 

subsys=${i#/etc/rc.d/rc$runlevel.d/K??} 

[ ! -f /var/lock/subsys/$subsys ] && \ 

[ l - f /var/lock/subsys/$ {subsys} . in/tt } && continue 

# Bring the subsystem down. 

$i stop 

done 

# Now run the START scripts. 

for i in /etc/rc.d/rc$runlevel.d/S*; do 

# Check if the script is there and subsystem is already up. 


# BringLthe subsystem up. 
$i start 

done 
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Example One; 1 Sample imd Listing 


$ Is /etc/rc,d/rc3.d 
K08autofs K20boo 
K09keytable K20rus< 
KlOnaraed K20rwai 
KlOpnserver K20rwh< 
Kl5gpm K25inn( 
KlShttpd K25new! 
KISpostgresql K28amd 


K60atd 
K6Omars-nwe 
K75gated 
SOlkerneld 
SlOnetwork 
S15nf sf s; 
S20random 


S30syslog 

S40crond 

S40portmap 

S45pcmcia 

SSOinet 

S55routed 

S601pd 


K3Omcserv 

K3Osendmail 

K3Oypbind 

K33yppasswd 

K35dhcpd 

K35ypserv 

K40snmpd 


The script begins by loading some 
functions from an external file and 
then sets the variable runlevel to 
the value of its first argument. The 
main part of the 
script consists of the 
two for loops en¬ 
closed within the out¬ 
er if statement. The 
latter determines if a 
subdirectory named 
rcn.d exists in the 
/etc/rc. d directory, 
where n is the new 
run level. If rcn.d ex¬ 
ists, the script goes on 
to execute the files it 
finds within that run 
level’s subdirectory. 

These are the files 
that will perform the 
actual tasks required 
to get the system up 
and running: initial¬ 
izing any remaining devices (e.g., ser¬ 
ial/ terminal lines, printers), setting up 
full networking, starting all the vari¬ 
ous system daemon processes for dif¬ 
ferent subsystems (for example, sys- 
log, cron , etc.), and the like. 

We have yet to say much about the 
locations of the various system boot 
scripts. Traditionally, the inittab file is 
stored in /etc, and current Linux sys¬ 
tems continue to follow this conven¬ 
tion. On most Unix systems the main 
boot scripts — rc.sysinit, boot, and rc 
— reside in either /etc or /etc/ rc.d, 
and Linux systems generally use the 
latter location. This directory also 
holds a series of subdirectories named 
rcn.d for each of the defined run lev¬ 
els (as we have just seen). 

The files within each rcn.d subdirec¬ 
tory have names beginning with either 


“S” or “K” followed by a two-digit 
number (we will discuss the signifi¬ 
cance of this in a moment), to which 
a short subsystem name is appended. 


However, each file is actually a link 
to a file in the subdirectory /etc/rc. d/ 
init.d which has the same subsystem 
name. This directory structure is illus¬ 
trated in Figure One. 

In our example, the file named at, 
which lives in the init.d subdirectory, 
also exists (as a hard link) in the rcO.d 
subdirectory (named K20at ) and in 
the rc3.d subdirectory (named S20at). 
Other files in the init.d subdirectory 
are similarly linked to files in these two 
rcn.d subdirectories. 

In contrast, on recent SuSE Linux 
systems, this usual directory structure 
has been altered (as is also the case 
for some other Unix operating sys¬ 
tems). The main boot scripts have 
been moved to a subdirectory of / sbin, 
in this case, /sbin/init.d. The rcn.d sub¬ 
directories also reside in this location. 


and the files within them are still links 
to the corresponding files in an init.d 
subdirectory at their same location 
within the directory tree. However, the 
subdirectory /sbin/ 
init.d/init.d does not 
exist but is rather a 
link to /sbin/init.d it¬ 
self, and the subsys¬ 
tem-specific scripts 
actually reside there 
as well. Currently, 
/etc/rc. d is itself a 
link to the new loca¬ 
tion /sbin/init.d. 

Keeping all of this 
in mind, we are now 
positioned to discuss 
each of the two loops 
that make up the 
body of the example 
rc script. Each for 
loop is constructed to 
run over a list of files 
found in the appropriate run level- 
specific subdirectory and specified with 
a wildcard in the for command. For 
example, the first loop runs over all 
the files in the appropriate directory 
whose names began with a “K.” These 
files are used to shut down or stop 
processes and subsystems and are 
called “kill” files. The second loop 
runs over the “S” files, which are 
used to initiate and “start” processes 
and subsystem. 

Starting and Killing Subsystems 

At this point, it would be helpful to 
look at a concrete example of a direc¬ 
tory listing from one of the subdirec¬ 
tories. Example One contains such a 
listing from a Red Hat Linux system. 

The files within the subdirectory 
have the naming for¬ 
mat that we have pre¬ 
viously described. Note 
that the two-character 
number following the 
initial key letter creates 
an explicit sequence 
among the files. When 
the wildcard “K*” is ex¬ 
panded in a subdirec- 


Rgure One: The traditional Unix boot scripts directory structure. 
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Listing ltao : SAMBA Script on Red Hat 

#!/bin/bash 

# Source function library. 

. /etc/rc.d/init.d/functions 

# Source networking configuration. 

. /etc/sysconfig/network 

# See bow we were called, 
case "$1" in 

start) 

echo -n "Starting SMB services: " 
daemon smbd -D 
daemon nmbd ~D 
echo 

touch /var/lock/subsys/smb 
stop) 

echo -n "Shutting down SMB services: 

killproc smbd 

killproc nmbd 

rm -f /var/lock/subsys/smb 

echo "" 


*) 

echo "Usage: smb {start(stop} 
exi t 1 

esac 


tory, for example, the filenames of 
matching files will be returned in nu¬ 
merical order, and the same order will 
be consequently followed as they are 
executed. When we look at the se¬ 
quence of files, “K” files followed by 
“S” files, we can see the progress of 
the second phase of the boot process 
in detail and follow along as the sub¬ 
systems are initialized one by one. 

Assuming that the for command 
within the script finds some files, the 
loop first checks to see that the file 
exists. Then it extracts the subsystem 
name from the end of the filename (us¬ 
ing a bash variable construct) and ex¬ 
amines the /var/lock/snbsys subdirec¬ 
tory for lock files related to that sub¬ 
system; this step is designed to avoid 
trying to stop the subsystem that is 
not in fact running. Finally, if these 
tests have all been passed, the loop 
runs the script, passing it the parame¬ 
ter stop. 

The second loop is analogously con¬ 
structed and examines and runs the 
“S” files in the same subdirectory, in 


this case passing the pa¬ 
rameter start to the 
script. Note that, in order 
to save space, we have 
omitted the commands 
for the various tests in 
the second loop in List¬ 
ing One. 

To summarize, on a 
Red Hat system, the files 
in the corresponding 
rcn.d subdirectory are all 
executed whenever a 
new run level is entered. 
Specifically, the “K” files 
are executed in order, fol¬ 
lowed by the “S” files in 
order. 

Things are somewhat 
different on recent SuSE 
systems. The rc script 
that is provided with this 
Linux distribution first 
runs the “K” files in the 
rcn.d subdirectory cor¬ 
responding to the previ¬ 
ous run level and then 
the “S” files in the sub¬ 
directory corresponding to the new, 
target run level. SuSE systems also do 
not use subsystem-specific lock files 
in /var/lock/snbsys. 

Since all of the scripts within a run- 
level subdirectory are links to the real 
script in the init.d subdirectory, it fol¬ 
lows that the same script is run, re¬ 
gardless of whether it is executed as a 
“K” file or as an “S” file. Listing Two 
contains a sample script from a Red 
Hat Linux system; this one is con¬ 
cerned with the SAMBA subsystem. 


This sample script again began by 
loading some library functions and 
goes on to run a networking-related 
configuration file stored in the /etc/ 
sysconfig subdirectory. The main part 
of the script consists of the case state¬ 
ment, which switches on the value of 
the scripts first argument, allowing 
the script to behave differently 
depending on whether that argument 
is start or stop (corresponding to 
being executed as an “S” file or as a 
“K” file, respectively). 

In the first case, a message is print¬ 
ed to the console, and the SAMBA-re- 
lated server processes are started via 
the daemon command. Finally, the 
lock file corresponding to the script is 
placed into the subsystem-specific sub¬ 
directory of /var/lock. 

When called with the parameter 
stop, the script again sends a mes¬ 
sage to the console indicating what it 
is doing, terminates the Samba server 
processes (via the killproc com¬ 
mand), and then removes the lock file. 

Any parameter other than these two 
will cause a usage message to be dis¬ 
played, after which the script will sim¬ 
ply terminate. 

All of the boot scripts on Linux sys¬ 
tems (and on Unix systems in gener¬ 
al) follow this general format. There 
are slight variations among the vari¬ 
ous scripts and across Linux distribu¬ 
tions. Listing Three contains a brief ex¬ 
cerpt from the SAMBA script (named 
smb) on a SuSE system. 

Rather than loading some shell func¬ 
tions at the beginning, the script reads 
the contents of the /etc/rc. config con- 


Listing Three: SAMBA Script on SuSE 

. /etc/rc.config 

test " $START__SMB" = "yes" J{ exit 0 
return-$re-done 


case "$1" in 
start) 

echo -n "Starting SMB services:" 

startproc /usr/sbin/raribd -D ( 1 return=$rc„failed 
startproc /usr/sbin/smbd -D || return=$rc„failed 
echo -e "$return" 
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prop on /proc type proc (rw) 

, /dev/hdal on /boot type ext 2 (rw) 
devpts on /deo/pts type devpts (rw) 

Setting up tinezone data 
Setting up loopback device 
Setting up hostnans 
Setting up the CMOS clock 
RurmIng /sbi«/init.d/boot.Ioca 1 
Croating /Mar/log/boot.Msg 
Enabling syn flood protection 
D i sab1 i ng l P forwarding 
L o a d i n g Me ms t a t mo d u 1 e 
INIT: Entering run 1eve 1: 2 

Master Resource Control: previous run level: N, switching to run level: 

Configuring serial ports 

ttySB at 0x83f8 (irq - 4) is a 185580 

ttySl at 8x82f8 (irq = 3) is a 165588 

11yS2 at 8x83e8 (irq = 4) is a 165500 

ttyS3 at 8x02e8 (irq ~ 3) is a 185588 

UMware Tools: Setting up the virtual Machine configuration 

UMware Tools: Enabling DM0 on: /dev/hda /dev/hdb /dev/hdc /dev/hdd 

Setting up network device eth8 

Setting up routing (using /etc/route.conf) 

Starting RPC partway daenon 
Starting syslog services 


Figure ItaO: SuSE boot messages like these are typically color-coded. 


figuration file. The functions of this 
file are to specify which subsystems 
should and should not be enabled on 
the system and to set various charac¬ 
teristics for some of them. The second 
line of Listing Three illustrates this 
concept. It tests the value of the vari¬ 
able START_SMB and exits if that var¬ 
iable is set to anything other than yes. 

The start section of the case state¬ 
ment looks very, very similar to the 
one from the Red Hat system (shown 
in Listing 1Ivo), although a different 
program is used to start the SAMBA 
daemons. These commands also illus¬ 
trate the method used to obtain SuSE’s 
distinctive color-coded boot messages. 
The second echo command displays 
the value of the variable return, which 
is set to one of two strings defined in 
rc.config, depending on whether or not 
the script is successful. The relevant 
lines in the configuration file then for¬ 
mat the word “done” or “failed” sand¬ 
wiched between escape sequences that 
alter the terminal display color. The re¬ 
sult is shown in Figure Two. 

Customizing the Boot Process 

The sequence the boot scripts are run 
in is obviously very important. Depen¬ 
dencies among the various subsystems 
of the operating system must be satis¬ 
fied in order for a fully functional sys¬ 
tem to be the end result; if a daemon 
is started before one that it depends 


on is started, your system will proba¬ 
bly die and not be available unless it is 
restarted manually. For this reason, it 
is best not to alter the ordering of 
these files until you are very familiar 
with the entire boot process and each 
individual subsystem. 

Keeping this in mind, there are nev¬ 
ertheless several safe ways of custom¬ 
izing the boot process for the needs of 
a particular computer system or orga¬ 
nization. First of all, be sure to take 
advantage of whatever customization 
facilities are provided with your Lin¬ 
ux distribution. For example, on SuSE 
systems you can modify the /etc/rc. 
config file settings to enable or disable 
various subsystems. In addition, many 
of the standard boot scripts have con¬ 
figuration files designed to customize 
their functioning. 

For minor additions to the boot pro¬ 


cess you can use the built-in customi¬ 
zation facility within the main boot 
script itself. Many versions of the rc 
script execute another script, conven¬ 
tionally named rc.local and stored in 
the same location as rc itself, just be¬ 
fore exiting. Additional commands that 
you require can be added to this file. 
If your version of the rc script does not 
have such a hook, you can add one by 
placing a command like the following 
at the end of the script: 

. /etc/rc.d/rc.local 

You will then need to create rc.local 
You’ll also need to similarly modify 
new versions of the rc script that are 
installed with any system upgrades. 

For more major changes, you may 
need to activate/deactivate, re-order, 
or add to the sequence of boot scripts 
in the run level subdirectories. This 
can be done manually by adding or 
removing properly named hard links 
to files within init.d from the appro¬ 
priate subdirectory (and possibly by 
adding new scripts to init.d). 

Alternatively, there are GUI tools 
which make this process more conve¬ 
nient. The best known of these is 
sysvinit; a variant created for the KDE 
graphical environment, ksysv, is illus¬ 
trated in Figure Three (this tool is also 
accessible from the KDE menu). 

The utility lists the contents of the 
init.d subdirectory in the leftmost 
pane, and the contents of the various 
rcn.d subdirectories are shown in the 
series of panes moving across the win- 
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Figure Three: The ksysv utility can be used for modifying the boot process. 
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dow to the right; “S” files and “K” files 
appear in separate lists. Items can often 
be reordered within a subdirectory by 
simply dragging them to the new pos¬ 
ition. Similarly, you can add a new 
script to any run level subdirectory by 
dragging the desired item from the 
init.d list to the desired location with¬ 
in the appropriate window. This pro¬ 
cess is illustrated in Figure Four, where 
we add (activate) a script to run-level 
3 that starts the mysql facility. 

When you drop a file into a run- 
level subdirectory’s list, it is automat¬ 


ism Fours Adding a boot script to run level 2. 


ically assigned the appropriate file¬ 
name; the correct initial letter is cho¬ 
sen, and a number falling in sequence 
with those above and below the spec¬ 
ified location is computed. Sometimes, 
however, you will need to fine-tune 
the utility’s default numbering. This is 
accomplished by right-clicking on the 
icon whose number you wish to mod¬ 
ify and changing it manually in the re¬ 
sulting dialog that displays all the items 
properties (illustrated in Figure Five ]. 

Removing a script from one of the 
run-level subdirectories is equally easy. 

You simply click and drag 
the item from the list to 
the utility’s trashcan, lo¬ 
cated in the bottom left 
portion of the window. 

Accept No Substitute 

That’s it for our Linux boot 
sequence overview. The 
addition of the GUI tools 
we looked at should make 
your life easier if you need 



Figure Fives You can also fine tune the 
boot script sequencing. 

to dig in and mess around with your 
system’s boot sequence. Still, even 
with the addition of easy-to-use graph¬ 
ical interfaces, there is just no substi¬ 
tute for understanding what’s going 
on under the hood. 


JFleen Frisch is the author of Essential 
System Administration. She can be 
reached at aefrisch@lorentzian.com. 
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Threads and Mutexes - Part II 

By Benjamin Chelf 


W elcome to the second part of our look at program¬ 
ming with threads. In last month’s column we talked 
about the functions that allow you to create and 
wait on threads. This month we’re going to dive 
deeper into the problems that often arise when us¬ 
ing threads to write concurrent programs. Before we begin 
that however, we’ll return to the ticket agent example we 
looked at last month and discuss the solution to the prob¬ 
lem of over-selling of tickets. 

One quick note before we proceed: If you’re writing ap¬ 
plications that use the pthreads libraries for Linux, you must 
include the option - lp thread as a flag to the compiler on 
the command line. This will tell the compiler and linker to 
look for the necessary functions in the pthreads library and 
link them into your application. 


void* ticket_agent (void* foo) 

{ 

while (total_sold < NUM_TICKETS) 

{ 

if (sold_ticket ()) 
total_sold++; 

} 

return NULL; 

} 

Then ticket agents can be created as threads in the main () 
function, as shown in Figure One. This program seems simple. 
Ticket agents should sell tickets until they’re all gone. Then, 
the main () function prints out the total number of tickets 
sold. However, if we actually run this program, we get some 
disturbing results. We need to add a few global variables: 


The Ticket Agency 

As we saw last month, using threads allows you to have 
multiple pieces of code that share and operate on a common 
set of data. However, threads introduce additional com¬ 
plexity and create code that is often difficult to debug. Let’s 
return to our ticket agency example. Each ticket agent may 
be thought of as one thread. There is common data be¬ 
tween the ticket agents — the number of tickets to be sold. 
Our goal is to sell all the tickets without selling too many. 
Each ticket agent can be modeled with the C function: 


#define NUM_TICKETS 10000000 
ttdefine NUM_AGENTS 4 
int total_sold = 0; 

If we run the program ten times, we will get the following: 

./a.out 
. /a.out 
./a.out 
./a.out 
. /a.out 
./a.out 
./a.out 
./a.out 
./a.out 
./a.out 


Figure One: The ticketagento Function 


int main () 

{ 

pthread_t agents[NUM_AGENTS] 
vo i d* re turn_va 1; 
int i; 

srand (time (0)); 

for (i = 0; i < NUM_AGENTS; 


i++) 


pthread__create (&agents[i], NULL, ticket_agent, NULL), 


for (i = 0; i < NUM_AGENTS; 

pthread_join (agents[i], 
printf ("%d\n", total_sold); 
return 0; 


i++) 

&return_val); 


mordack:~> 
10000001 
mordack:~> 
10000002 
mordack:~> 
10000001 
mordack:~> 
10000001 
mordack:~> 
10000000 
mordack:~> 
10000000 
mordack:~> 
10000001 
mordack:~> 
10000001 
mordack:~> 
10000001 
mordack:~> 
10000001 
mordack:~> 
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Notice that the program sold too many tickets eight out 
of the ten times! In fact, one of those times it sold two extra 
tickets. Automating this process and running the program 
10,000 times yielded the following results: 

mordack:~> ./a.pi 

Over sold 0 exactly 3924 times. 

Over sold 1 exactly 4735 times. 

Over sold 2 exactly 1341 times. 

Over sold 3 exactly 0 times. 

This tells us that the program is only working correctly 
about 40 percent of the time. The rest of the time we are 
over-selling the number of tickets we have. Why? 

Imagine, near the end of the program, when all but one 
of the tickets have been sold. One ticket agent. Bob, checks 
the value of the total_sold variable to make sure he can 
still sell a ticket. At that instant, the operating system’s 
thread scheduler decides it’s time for Bob to stop running 
and time for Sally to run for a while. Before Bob has had a 
chance to update the value of total_sold, Sally checks 
to make sure she can sell a ticket. Hence, both Bob and 
Sally can increase the value of total_sold when it is only 
one shy of the total number of tickets. 

Race Conditions 

Computer scientists refer to this problem as a “race condi¬ 
tion.” The problem exists because multiple threads are rac¬ 
ing to update the values of variables based on previous 
values of those variables. A race condition exists any time 
the speed of execution of a thread, or the way threads are 
scheduled, can alter the outcome of the application. Race 
conditions are amongst the most common and most diffi¬ 
cult problems to track down. 

In our ticket agent program, the race 
condition exists because each ticket 
agent assumes that once the value of 
total_sold in the while () loop 
has been checked, that value will re¬ 
main unchanged throughout the body 
of the loop. However, since the thread 
scheduler may stop the currently runn¬ 
ing thread and allow another thread 
to execute during that time, this is not 
a valid assumption. 

Fortunately, the pthreads library pro¬ 
vides a mechanism for avoiding this 
problem — the “mutex,” which is an 
abbreviation for “mutual exclusion.” 

A mutex allows one thread to “lock” 
a given piece of code so that no other 
thread may execute until the piece of 
code holding the lock is finished. In 
the case of our ticket agency. Bob want- 

} 


ed to make sure that once he read the value of total_ 
sold, he could sell one ticket and know that he wasn’t sell¬ 
ing a ticket that no longer existed. In other words, he want¬ 
ed all of the code in his while () loop to be executed with¬ 
out the possibility of some other thread executing. Bob 
could guarantee that the value of total_sold would not 
change if a mutex were used. 

First, let’s look at the pthreads library functions that enable 
you to use mutexes: 

int pthread_mutex_lock (pthread_mutex_t* mutex) ; 
int pthread_mutex_unlock (pthread_mutex_t* mutex) ; 

These functions both return 0 on success and an error 
value on failure; see the manual page for more details. A 
thread obtains a mutex by calling the pthread_mutex_ 
lock () function. When one thread has the mutex, any other 
thread that calls the pthread_mutex_lock () function 
will be put into a temporary state of suspended animation. 
Threads that are put into a state of suspended animation 
are referred to as “blocked.” 

Once the original thread calls the pthread_mutex_ 
unlock () function, pthread_mutex_lock () will return 
in one of the suspended threads that called it, and that thread 
will gain access to the mutex. By using the pthread_ 
mutex_lock() and pthread_mutex_unlock () func¬ 
tions around a given piece of code, you can guarantee that 
only one thread will be able to execute that code at any giv¬ 
en time. 

To create a mutex in Linux, simply declare it and assign 
it (in the declaration) as follows: 

pthread_mutex_t myjmtex = PTHREAD_MUTEX_INITIALIZER; 


Figure ItoO: The ticketagento Function with mutex 

pthread_mutex_t tickets_sold_lock = PTHREADJ4UTEX_INITIALIZER; 

void* ticket_agent (void* foo) 

{ 

int not_done = 1; 
while (not_done) 

{ 

pthread_mutex_lock (&tickets_sold__lock) ; 
if (total_SOld < NUM_TICKETS) 

{ 

if (sold_ticket ()) 
total_sold++; 

} 

else 

not_done - 0; 

pthread_mutex_unlock (&tickets_sold_lock) ; 

} 

return NULL; 
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There also exists a function: 

int pthread_mutex_init 
pthread_mutex_t* 
mutex,const 
pthread_mutexa t tr_t * 
mutexattr; 

you can use to initialize locks (with 
more information as to the type 
of lock and how it behaves). For 
our example, however, PTHREAD_ 
mutex_initializer() is quite 
sufficient. 

By placing a lock around the 
read and write of the total_ 
sold () variable, each ticket agent 
can make sure that no other ticket 
agent is editing that variable. This 
eliminates the race condition from 
the program. Let’s take a look at 
the new ticket_agent ( ) func¬ 
tion in Figure Two. 

First of all, notice the calls to 
ptrhread_mutex_lock ( ) and 
ptrhread_ mutex_unlock(). 
We needed to put these calls 
around the code that checks the 
value of total_sold and writes 
to the value of total_sold — 
and we needed to put them inside 
the while () loop. 

If we had placed the call to 
pthread_mutex_lock ( ) before 
the while ( ) loop and the call to 
ptrhread_mutex_unlock() 
after the while () loop body, only 
one thread would have been able 
to sell tickets. It would acquire the 
lock before entering the while () 
loop, therefore causing all the other 
threads to block before entering 
their while () loops. It would only 
release the lock once it had exited 
the loop, after all the tickets had 
been sold. Therefore, in the mod¬ 
ified version, we created our own 
local variable (not_done) to 
track when the while () loop 
should exit, and we moved the 
code to lock and unlock inside the 
loop. This way every thread gets 
a chance to sell tickets. 

After running this program 1,000 
times, we got the following results: 


Figure Three: Dining Philosophers — Part i 

#include <pthread.h> 

#include <stdio.h> 

#define NUM_PHILOSOPHERS 5 

pthread_mutex_t chopsticks[NUM_PHILOSOPHERS]; 

void think () 

{ 

/* Intentionally left blank. Simulate thinking. */ 

} 

void eat () 

{ 

/* Intentionally left blank. Simulate eating. */ 

1 

void* philosopher (void* number) 

{ 

int my_num = *( (int*)number); 
while (1) 

{ 

/* First we think. */ 
think () ; 

/* Grab the chopsticks to my left and to my right */ 
pthread_mutex_lock (&chopsticks [my_num] ) ; 
pthread_mutex_lock (&chopsticks [ (my_num +1) % 
NUM_PHILOSOPHERS]); 

/* Eat */ 

printf ("Philosopher %d eating!\n", my_num); 
eat () ; 

printf ("Philosopher %d done!\n", my_num) ; 

/* Put the chopsticks down. */ 
pthread_mutex_unlock (&chopsticks [ (my_num +1) % 

NUM_PHILOSOPHERS]); 

pthread_mutex__unlock (&chopsticks [my_num] ) ; 

1 

return NULL; 

1 

int main () 

{ 

int i ; 

pthread_t phiIs[NUM_PHILOSOPHERS]; 
void* return_val; 

for (i = 0; i < NUM_PHILOSOPHERS; i++) 

pthread_mutex_init (&chopsticks[i], NULL); 

for (i = 0; i < NUM_PHILOSOPHERS; i++) 

pthread_create (&phils[i] , NULL, philosopher, &i) ; 

for (i = 0; i < NUM_PHILOSOPHERS; i++) 
pthread_join (phils [i], &return_val); 

return 0; 

} 
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Figure Four: Dining Philosophers — Part H 

pthread_mutex_t chopstick_lock = PTHREAD_MUTEX_INITIALIZER; 

void* philosopher (void* number) 

{ 

int my_num = *( (int*)number); 
while (1) 

{ 

/* First we think */ 
think (); 

/* First get the lock on grabbing chopsticks. 

Then, grab the chops tick to my left and to my right */ 
pthread_mutex_lock (&chopstick_lock) ; 

pthread_mutex_lock (&chopsticks [my_num] ) ; 
pthread_mutex_lock (&chopsticks [ (my_num +1) % 
NUM_PHILOSOPHERS] ); 

/* Release the chopstick grabbing lock. */ 
pthread_mutex_unlock (&chopstick_lock); 

/* Eat */ 

printf ("Philosopher %d eating!\n", my_num); 
eat () ; 

printf ("Philosopher %d done!\n", my_num); 

/* Put the chopsticks down */ 
pthread_mutex_unlock (&chopsticks [ (my_num +1) % 

NUM_PHILOSOPHERS] ) ; 

pthread_mutex_unlock (&chopsticks[my_num]); 

) 

return NULL; 

} 


mordack:~> ./a.pi 

Over sold 0 exactly 10000 times. 

Over sold 1 exactly 0 times. 

Over sold 2 exactly 0 times. 

Over sold 3 exactly 0 times. 

Note that we did not over-sell a ticket once in the 10,000 
trial runs of the program. Although this does not guarantee 
that we do not have a race condition in our program, the re¬ 
sults after the modification are much better than our origi¬ 
nal attempt. 

The Dining Philosophers 

Now that we’ve illustrated the usefulness of mutexes, let’s 
examine a program that requires their careful usage. A 
famous example in concurrent programming is the Dining 
Philosophers program. Imagine a group of philosophers sit¬ 
ting around a circular table. Philosophers only do two things 
— think and eat. When a philosopher thinks, he has no ef¬ 
fect on the other philosophers. When he eats however, he 


can potentially create a prob¬ 
lem for the philosophers on his 
left and right. 

You see, there is only one 
plate of rice in the middle of the 
table and only one chopstick 
between each philosopher. 
Everyone can eat the rice, but 
in order to do that, a philosopher 
must be able to pick up his two 
adjacent chopsticks. Therefore, 
if one of the philosophers is eat¬ 
ing, the philosophers to his right 
and left can’t eat until he puts 
down his chopsticks. 

We can model this problem 
with a program that uses 
threads to represent the philos¬ 
ophers and an array of mutexes 
to represent the chopsticks. 
When a thread holds the lock 
for a chopstick it is equivalent 
to a philosopher using that 
chopstick to eat. The code for 
the program is shown in Fig¬ 
ure Three (pg. 83). 

The main () function of this 
program creates all the philos¬ 
opher threads and passes them 
a number, 0 through NUM_ 
PHILOSOPHERS - 1, so that 
the philosopher threads know 
which chopsticks to grab. This 
program seems simple enough, 
but there is a serious problem. If we run it we’ll see that a 
lot of philosophers eat, but at some point the program will 
hang. It will hang at a different point each time we run it. 

Deadlock 

Consider the situation where every philosopher decides to 
eat at the same time. Because of the way we wrote this pro¬ 
gram, every philosopher will grab the chopstick to his right 
and then grab the chopstick to his left. However, imagine 
this scheduling of threads: Philosopher 0 grabs chopstick 0 
and then gets swapped out. Philosopher 1 grabs chopstick 
1 and then gets swapped out, and so on. Each philosopher 
will grab one chopstick and then wait to get the other one. 
However, since all the philosophers are waiting, and none 
are eating, they will continue to wait like that forever. This 
problem is called deadlock. 

There is no blanket way to solve deadlock. However, there 
are two possible ways to eliminate the deadlock problem 
that exists in the Dining Philosophers program. (Why else 
would computer scientists like it so much?) The first solu- 
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tion involves using another mutex. You might have observed 
that the problem causing the deadlock was that a philoso¬ 
pher was able to grab one chopstick but then gets swapped 
out while another thread runs. This could be considered a 
race condition on the chopsticks. Each philosopher is racing 
to grab a second chopstick, assuming that after grabbing 
one chopstick, they will eventually be able to grab the 
other. As in the ticket agent problem, if we create a lock to 
make sure that only one philosopher attempts to grab chop¬ 
sticks at a time, we can be sure that the philosopher will 
eventually get two chopsticks. The new code for the philos¬ 
opher function is listed in Figure Four. 

Now that we’ve guaranteed that only one philosopher can 
grab chopsticks at any given time, we know that the philoso¬ 
pher will eventually get two of them. Since he is the only one 
in that section, the others must be either eating or thinking. 

The other solution to the problem is a bit more subtle. 
You might have realized that the problem with the philoso¬ 
phers in the original program was that they each tried to 
get the chopstick on the right first. If even one of the 
philosophers were to try to get the chopstick on the left 
first, the circularity that was causing the deadlock would 


be broken. For this solution, we simply make half of the 
philosophers grab the chopstick on their right first and the 
other half grab the chopstick on their left first. The code for 
this is shown in Figure Five. 

No Easy Answers 

As we said last month, writing bug-free programs with 
threads is difficult. Much care must be taken to insure cor¬ 
rect behavior. There really are no easy fixes. The use of 
mutexes allows you to avoid race conditions, but unfortu¬ 
nately, as you can see in the case of the dining philoso¬ 
phers, mutexes introduce the possibility of creating a dead¬ 
lock in your program. Unlike race conditions, which usually 
cause incorrect results, deadlocks cause the program to hang 
entirely, which makes them absolutely no fun to debug. You 
now hopefully have a better understanding of the issues 
involved in programming with threads and the tools nec¬ 
essary for writing effective applications with them. 


Benjamin Chelf is an author and engineer at CodeSourcery, 
LLC. He can be reached at chelf@codesourcery.com. 


Figure Five: Mug Philosophers — Fart IIS 

void* philosopher (void* number) 

{ 

int my_num = * (( int*) number) ; 
while (1) 

{ 

/* First we think. */ 
think (); 

/* If I'm an even philosopher, grab chopsticks one way. */ 
if (my_num % 2) 

{ 

pthread_mutex_lock (&chopsticks[my_num]); 
pthread_mutex_lock (&chopsticks[(my_num + 1) % NUM_PHILOSOPHERS]); 

} 

/* Otherwise, grab them the other way. */ 
else 
{ 

pthread_mutex__lock (&chopsticks [ (my_num + 1) % NUM_PHILOSOPHERS] ) ; 
pthread__mutex_lock (&chopsticks [my_num] ) ; 

} 

/* Eat */ 

printf ("Philosopher %d eating!\n", my_num); 
eat () ; 

printf ("Philosopher %d done!\n", my_num); 

/* Put the chopsticks down */ 

pthread_mutex_unlock (&chopsticks[(my_num + 1) % NUM_PHILOSOPHERS]); 
pthread_mutex_unlock (&chopsticks[my_num]); 

} 

return NULL; 

} 
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PERI f WISDOM 

Headmes In the News 

By Randal L. Schwartz 


I find myself spending a lot of time participating in online 
discussion areas. Originally, all we had was Usenet. How¬ 
ever, the concept of a “Web-based community” has final¬ 
ly taken hold. These communities usually provide some 
sort of message-based system (often with threading and 
separate discussion areas for topics) and frequently an HTML 
or Java-based “interactive chat” area. 

I frequent one such Web community called “the Perl Mon¬ 
astery” (perlmonks.org). The community is active, post¬ 
ing dozens of messages every day, and is frequented by some 
sharp people, quick to answer questions. A recent posting 
piqued my interest. “Jcwren,” a user, suggested a series of 
“contests” to motivate people to show off while thinking of 
new solutions. He decided to kick off the first contest himself, 
awarding a “Perlmonks T-shirt” to the winner (funded out of 
his pocket). 

The contest was to last only a week, and we’re midway 
through the week as I write this, so I can’t tell you the win¬ 
ner. It won’t be me, because Jcwren deliberately disallowed 
entries from the senior participants of the Monastery (called 
“saints”), of which I seem to be one. 


I gave it a whack anyway. It was a nice challenge regard¬ 
ing a problem that’s becoming more and more common in 
Web-based solutions: the repackaging of information. I think 
we’re going to see more and more “middleware” on the Net 
(sites that act as brokers or meta-searchers), so I’m constant¬ 
ly researching to see what can be done to help. 

The basic problem was to create a headline list for state- 
based headlines. CNN’s interactive news ticker delivers this 
information as a far-too-flashy pop-up window. However, 
the data file that it refreshes was easily reverse-engineered, 
and the URL and file format of that internal data file have 
apparently been stable for months. 

Jcwren asked for a command-line program (not CGI) that 
fetches CNN’s internal data file each time that it is invoked. 
He expected this to be done from cron every 10 minutes or 
so. Any new headlines that were found there were to be 


remembered in an unspecified “database.” This was to be 
done as simply as possible, as he wanted this to run easily 
on both Unix and Windows. New headlines were to be time- 
stamped on their first observation (there are no timestamps 
in the source data, so this was as close as we got to a fresh¬ 
ness factor). 

To keep the database from becoming a history book, each 
headline was to be aged out when it had not been seen in 
a specified amount of time (default one day). As long as CNN 
was still showing the headline, it would stay alive for at least 
this much longer. 

To make it even more fun, the headlines had to be orga¬ 
nized by state with a clickable set of links at the top of the 
output. All 50 states (plus DC) needed to always be pre¬ 
sent, but only states with current news were to be active 
links (which would scroll down within the document to 
that state). Everything had to be alphabetized, of course. 

Further, the output was to be an HTML file (selectable, de¬ 
fault index.html in the current directory) with a meta-re¬ 
fresh tag so that a browser window could be kept open on it. 

I was curious about how long it would take me to write 
the program. I guessed around 90 
minutes, and the first draft of the 
program was completed in just un¬ 
der that. I’ve since done about a 
half hour of tweaking. The program, 
which I will now describe, is pre¬ 
sent in Listing One (pg. 88). 

Lines one through three start nearly every program I write, 
enabling warnings, turning on the normal compiler restric¬ 
tions for large programs, and disabling the normal buffering 
of standard output. 

Lines seven through 11 define the configurable constants 
that are used by this program that don’t make sense to over¬ 
ride from the command line. The $CNN_URL is the source 
of our information. This program depends on the URL pro¬ 
viding consistent data, so if it moves or changes format, 
you’re just out of luck. The $CNN_CACHE file is a local mir¬ 
ror of that remote URL. $DB_MEMORY holds our “database” 
in whatever format dbmopen selects (which will most often 
be Berkeley DB). 

Line 13 pulls in the CGI module. No, this isn’t a CGI pro¬ 
gram. However, I am generating HTML so I’m using the 
HTML generation shortcuts, and it just so happens that the 
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CNN input format is nearly identical to the format of an 
uploaded form data, which I quickly recognized to leverage 
off existing code. The CGI module, as of this writing, doesn’t 
include the HTML 4.01 standard col, thead, and tbody 
generation methods, so I added them. 

Line 14 pulls in the mirror routine from LWP : : Simple 
(part of the CPAN-installable LWP suite). 

Similarly, line 15 brings in GetOptions from the stan¬ 
dard Getopt: : Long module. 

We then parse the command-line arguments in lines 17 
through 23. Four variables are declared with initial values, 
and GetOptions alters those values if the right command¬ 
line arguments are present. You can see the GetOptions 
documentation for additional details (however, this should 
be readable as-is). 

Beginning in line 25, we need a list of states. Note the 


split that breaks the items on either the embedded comma 
or the ending newline of each line. 

Lines 35 to 40 get the “current” information. Because we 
are maintaining a cache, we can use mirror, which mini¬ 
mizes the transfer cost. The request made to the server in¬ 
cludes an “if modified since” header; if the information has 
not changed since this time, the server returns a quick “304 
error” to tell you that you have it already. When new infor¬ 
mation arrives, the timestamp on the file is set to the “last 
modified” header (if present), so that the next request has the 
right “if modified since” header to repeat the process. Slick. 
Normal expected returns are status 200 (we’ve got a new file) 
and 304 (we already have the data). Anything else is broken, 
so we abort quickly. 

Line 42 opens the database. This is a simple “hash on disk” 
database, so we use dbmopen to let it pick the type and nam- 


Listino One: CNN Date-Based Headline Fetcher — Part I 


1 #!/usr/bin/perl -w 

2 use strict; 

3 $|++; 

4 

5 ## begin config 

6 

7 my $CNN_URL = "http: //headlinenews . cnn .com/ 

QUICKNEWS/virtual/swf .headline . txt" ; 

8 my $CNN_CACHE = "contest. cnn - cache" ; # flat file 

9 my $DB_MEMORY = "contest .memory" ; # dbmopen 

10 

11 ## end config 

12 

13 use CGI qw(:all ~no_debug col thead tbody); 

14 use LWP::Simple qw(mirror); 

15 use Getopt::Long; 

16 

17 GetOptions( 

18 "refresh=i" => \ (rry $REFRESH = 10), 

# meta refresh time in minutes 

19 "output = s" => \ (my $OUTPUT = 

" index . html ") , 

# output file 

20 "expire-i" => \ (rry $EXPIRE = 1440) , 

# expire time in minutes 

21 "clear!" => \ (my $ CLEAR = 0), 

# clear the cache 

22 "<>" => sub { $Getopt::Long: 

:error++; warn 
"Unknown arg: 

$_ [0] \n" }, 

23 ) or die "see code for usage\n"; 

24 

25 my ©STATES = split /, |\n/, <<'end'; 

26 ALABAMA, ALASKA, ARIZONA, ARKANSAS, 

CALIFORNIA, COLORADO, CONNECTICUT, D.C. 

27 DELAWARE, FLORIDA, GEORGIA, HAWAII, IDAHO, 

ILLINOIS, INDIANA, IOWA, KANSAS 

28 KENTUCKY, LOUISIANA, MAINE, MARYLAND, 

MASSACHUSETTS, MICHIGAN, MINNESOTA 


29 MISSISSIPPI, MISSOURI, MONTANA, NEBRASKA, 

NEVADA, NEW HAMPSHIRE, NEW JERSEY 

30 NEW MEXICO, NEW YORK, NORTH CAROLINA, NORTH 

DAKOTA, OHIO, OKLAHOMA, OREGON 

31 PENNSYLVANIA, RHODE ISLAND, SOUTH CAROLINA, : 

SOUTH DAKOTA, TENNESSEE, TEXAS 

32 UTAH, VERMONT, VIRGINIA, WASHINGTON, WEST 

VIRGINIA, WISCONSIN, WYOMING 

33 end 

34 

35 { 

36 my $s = mirror ($CNN_URL, $CNN_CACHE) ; 

37 last if $s == 200; # we got new data 

38 last if $s == 304; # no new data, 

but we have to expire things 

39 die "status is $s, aborting\n"; 

40 } 

41 

42 dbmopen(my %DB, $DB_MEMORY, 0644) or die 

"Cannot dbmopen $DB_MEMORY: 

43 open STDIN, $CNN_CACHE or die "Cannot open 

$CNN_CACHE: $!"; 

44 open STDOUT, ">$OUTPUT~" or die "Cannot 

create $OUTPUT~: $!"; 

45 

46 $CGI::Q = CGI->new(\*STDIN) or die "Cannot 

parse $CNN_CACHE\n"; 

47 

48 %DB - () if $ CLEAR; # bye bye all that we know 

49 

50 ## first pass: add the new headlines 

51 

52 for (my $i =1; my $headline - 

param("headline?i"); ? i++) { 

53 my $state = param("state$i"); 

54 my $key = "$state\n$headline"; 

55 if (defined $DB{$key}) { # just 

update modtime 

56 $DB{$key} =~ s/\s\d+/" " . time/e; 

57 } else { # add the entry 
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ing for us. (This database is cleared in line 48 if the right 
command-line parameter is present.) 

Next, we set up the input and output streams (lines 43 
and 44). The input is the file fetched from CNN. The output 
is the HTML file, except that we don't want to overwrite the 
real file just yet, so we’ll append a tilde to the filename (my 
editor’s backup file convention, so I have scripts to clean 
those up). After finishing the file. I’ll rename this temporary 
file over the top of the real data in one fell swoop, so the 
browser will never see a partial content. This is an impor¬ 
tant strategy for uncooperative processes. 

Line 46 processes STDIN using the CGI module’s ability 
to parse a form. Assigning the output to $CGI: :Q means 
that we get to use param and friends without having to use 
the ugly, and nearly always unnecessary, object-oriented form 
of invocation. 


We then pass over the data three times. The first pass (be¬ 
ginning in line 50) looks for all “parameters” from the input 
data with the form headline>l<n, where n begins at 1 
and increases (to about 100, judging from the data I saw 
while testing). The headline is stuffed into $headline, then 
the corresponding state jumps into $ state. 

We’ve now hopefully constructed a unique key of the state, 
a newline, and the headline. The corresponding value in the 
database is two integers separated by a space, both time- 
stamps in Unix internal time format. The first number is when 
the headline first appeared (for display). The second num¬ 
ber is the most recent time we’ve seen it (for aging purpos¬ 
es). So, if the key already exists, we update the second num¬ 
ber to now, but if it doesn’t, we create a new entry with both 
numbers set to now. 

On the second pass (beginning in line 62), we age out old 
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$DB{$key} = time 


time; 


## second pass: expire the old headlines 

for ray $key (keys %DB) { 

delete $DB{$key} if $DB{$key} =~ 

/\s(\d+)/ and $1 < time - $EXPIRE * 60; 


## final pass: generate the report 

my @data 
sort { 

$a->[0] cmp $b->[0] or $a->[2] <=> 

$b->[2] or $a-> [1] cmp $b-> [1] 

3 map { 

[ (split /\n/), (split As+A 
$DB{$_}) [0] ] 

} keys %DB; 

my %states_seen; 

my @table_guts 
map { 

my ($state, $headline, $stamp) = 

■ Tr ( 

td($states_seen{$state}++ ? 
escapeHTMLnobreak($state) : 
a({-name => fixname($state) } , 
escapeHTMLnobreak($state))), 
td(escapeHTMLnobreak 

(((localtime $stamp) =~ 

/(•*) W) [0])), 
td(escapeHTML($headline)), 

) • "\ n "; 

} @data; 

print start__html (-title => "CNN Headline News", 
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head => meta({-http„equiv => 

'refresh', 
-content => 

$ REFRESH * 60})); 

print table({-border => 1, -cellspacing => 
0, -cellpadding => 4}, 
col({-width => "0*", -align => 

'right' } ) , # state 
col({-width => "0*"}), # date 
col({-width => ”*"}); # item 
thead(Tr(th({-colspan => 3, - 

align => 'center'}, 
join " | ", 

map { $states„seen{$_} ? 
a({-href => 

f ixname ("#$_")}, 
escapeHTMLnobreak ($_)) : 
escapeHTMLnobreak($_) ; 
} @STATES)."\n")), 
tbody(@table_guts)); 

print end_html; 

close STDOUT; 

rename " $ OUTPUT'" ", $OUTPUT or die "Cannot 
rename $OUTPUT" to $OUTPUT: $!"; 

exit 0; 


sub escapeHTMLnobreak { 

local $_ = escapeHTML ("i 
s/ /&nbsp;/g; 

$_; 


sub fixname { 

local $_ = shift; 
tr/a - zA - Z\# A/cs ; 
$ m ; ... 

} 


L") 
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data by looking at all the entries’ second numbers and de¬ 
leting those that no longer qualify as fresh enough. 

Starting with line 68, it’s time to finally dump the data. For 
each of the keys (line 75), we pull out the state, headline, 
and first-seen timestamps as a three-element arrayref, which 
is then sorted by state, timestamp, and headline order. 

Line 77 introduces %states_seen, which will be used 
to track the first appearance of each state in the sorted list 
and to figure out for which states to generate links at the 
top of the table. 

Now comes the fun part — transforming the data into a 
table. First, we break each element of the @data array (line 
89) into the three fields (line 81). Next, we create a table 
row (line 82) consisting of three cells (lines 83, 86, and 87). 
The first cell is either the state name (fixed so that it can’t 
wrap) or on first appearance, the statename with an inter¬ 
nal anchor. The second cell is an abbreviated portion of the 
localtime of the timestamp from when the headline first ap¬ 
peared. The final cell is the headline itself. Be particularly 
careful to properly encode this data as HTML entities if 
need be. 

The next step is to generate the top of the HTML file (on 
STDOUT) handled in lines 91 to 93 with the right header, title, 
and meta-refresh information. 

Now it’s time to generate the table. The cellspacing and 
cellpadding are personal choices (line 95). The next three 
lines give hints to standards-compliant browsers (unlike 


Netscape or IE) about the width and alignment of the three 
columns. Next comes the “table header,” one row, one cell 
(spanning three columns), of all the states. If a state was 
seen, a link to the proper internal anchor is generated; oth¬ 
erwise, a simple name is used. Again, the state names are 
guaranteed not to wrap. Finally, the table guts are dumped 
inside the “table body” tag. 

Lines 108 to 110 finish the HTML page. Once this is com¬ 
plete, we rename the temporary output name to its final des¬ 
tination with line 112. 

The two subroutines starting in line 115 handle some of the 
needed transformations. escapeHTMLbreak calls the CGI- 
module-provided escapeHTML routine to fix all the HTML 
entities but also changes all remaining spaces to non-break¬ 
ing spaces, f ixname crunches a string so that it’s a legal, 
unique, anchor name (for the expected dataset). 

That’s it. Stick it into a filepath (not in a location for your 
Web server’s CGI and not necessarily in your PATH) and 
then run it frequently. You too will have the latest headlines 
from CNN. Hopefully, you’ll see a few new gizmos and gad¬ 
gets to steal for your own code. Enjoy! 


Randal L. Schwartz is the chief Perl gum at Stonehenge Con¬ 
sulting and co-author of Learning Perl and Programming Perl. 
He can be reached at merlyn@stonehenge.com. Code listings 
for this column can be found at: http://www.stonehenge.com/ 
merlyn/LinuxMag/ 
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Top Tech Support Questions 

By Drew Streib 


l would like to be able to 
save copies of all my inbound 
e-mail for backup purposes. 
How can I do this? m 

This is easily accomplished with a pro¬ 
gram named procmail I won’t go into 
the installation and setup of procmail 
itself, since most package systems 
(RPM, DEB) now do this quite nicely 
for you. If you already have an account 
on a Linux system (or your own sys¬ 
tem), chances are good that procmail is 
already setup and configured. If not, 
contact your system administrator or 
try installation via your distribution’s 
package manager. 

To quickly find out if procmail is al¬ 
ready installed on your system, issue 
the following command: 

# which procmail 

A successful installation should dis¬ 
play the location of procmail on your 
system (probably /nsr/bin/procmail). 

If procmail is installed, the rest is 
easy. If there isn’t one already, create 
a .procmailrc file in your home direc¬ 
tory with permissions 0700. 

# touch ~/.procmailrc 

# chmod 0700 ~/.procmailrc 

There are many options for procmail 
‘recipes’ (the configuration sections 
that determine what to do with differ¬ 
ent kinds of e-mail). Some of these are 
explained in the man page for 
procmailrc. 

# man procmailrc 

For a simple start though, try the fol¬ 


lowing in the .procmailrc file, substitut¬ 
ing your own information where it is 
appropriate. 

LOGFILE=$HOME/.procmail-log 
: 0 c: 

/home/d type/Mail /backup 
: 0 c: 

* A FROMdtype@dtype.org 
/home/dtype/Mail/sent-mail 

: 0 

* A Sender: owner-1inux-kernel 
/home/dtype/Mai1/1inux-kernel 

The LOGFILE entry specifies a file 
for procmail to log all activity to. This 
should be the first place you check if 
there are any problems. 

There are three different entries in 
this .procmailrc file. The first entry spe¬ 
cifies a file to save all mail for backup 
purposes (in this case, /home/dtype/ 
Mail/backup). The c: part tells proc¬ 
mail to save the mail and to continue 
with normal mail processing, includ¬ 
ing the rest of the configuration file. 
Without this, all of your mail would 
be saved to the backup file and no¬ 
where else. 

If you would like to save your out¬ 
bound mail for tracking purposes, an¬ 
other entry for outbound mail is also 
included. 

The last entry is an example of us¬ 
ing procmail to sort inbound mail for 
a particular mailing list, in this case 
the linux-kemel mailing list. Procmail 
will look for the text owner - 1 inux - 
kernel in the Sender: header of the 
mail. Note that the c: is missing here 
because we want the mail to be deliv¬ 


ered to this mailbox and not to the 
Inbox as well. 

Try sending yourself some mail to 
verify the proper operation of procmail. 
You should see at least a procmail log 
entry and a copy of the mail in the 
backup folder. 

If you do not see this, then you will 
need to verify the procmail installation. 
/var/log/maillog is a pretty good place 
to start. 

This should get you started. You can 
do a lot with procmail , and it is worth 
learning if you need to manage a great 
deal of mail. At the very least, it is very 
useful for the backup purposes de¬ 
scribed above. 

I would like to share data 
between operating systems on a 
dual-boot system. What is the 
recommended way to do tills? 

If there’s one thing that Linux is good 
at, it’s sharing. There are a lot of ways 
to share files from different filesystems. 
Some people recommend creating a 
separate FAT partition for sharing be¬ 
tween operating systems, but a more 
elegant solution is to allow each OS to 
mount the other’s filesystem. 

Until fairly recently, there weren’t 
any good utilities for mounting an ext2 
(Linux) filesystem under Windows. 
However, Linux has always been able 
to easily read and write to Windows/ 
DOS FAT filesystems. Many Windows 
tools for reading and writing to ext2 
filesystems have emerged recently, but 
by and large these are far less trust¬ 
worthy than the existing Linux tools 
for sharing filesystems. 

In order to mount the FAT filesystem 
under Linux, your kernel will need to 
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Figure One: Configuring Apache for Wake One Semantics 

# CFLAGS='-DSINGLE_LISTEN_UNSERIALIZED_ACCEPT' ./configure 


contain the appropriate support. Most 
default kernels already include this 
support, but if you are compiling your 
own kernel, be sure to include FAT 
and VFAT filesystem support. If you’d 
prefer not to compile it into your ker¬ 
nel, FAT and VFAT support are also av¬ 
ailable as loadable modules. 

In any case, to start sharing filesys¬ 
tems you’ll need to first create a mount 
point under Linux. This can be any 
directory in the filesystem that you 
want, but it’s helpful to use a name 
that makes sense (such as /mnt/msdos 
for this example). 

# mkdir /mnt/msdos 

You will then need to add a line to 
your /etc/fstab for the FAT filesystem. 
If your kernel contains VFAT support, 
you’ll be able to view and edit the long 
filenames used by modern versions of 
Windows. 

Try adding the following line to /etc/ 
fstab (note that in this example, we 
used the third partition /hda2 on our 
hard disk — you will, of course, need 
to substitute the proper partition for 
your system): 

/dev/hda2 /mnt/msdos vfat defaults 0 1 

If you don’t want this filesystem 
to be automatically mounted at boot 
time, you can add a , noauto after 
the defaults option. You should now 
be able to mount the Windows parti¬ 
tion as the root user. 

# mount /mnt/msdos 

If you get any errors about a bad 
filesystem, then you have likely spec¬ 
ified the wrong partition. At this point, 
you should probably verify the parti¬ 
tion and retry. 

If you get an error regarding kernel 
support for the vfat filesystem, try 


changing the /etc/fstab entry from 
vfat to msdos. If this works, then 
your kernel doesn’t have support for 
Windows’ long filenames. If this does 
not work, your kernel does not have 
the proper filesystem support for any 
DOS or Windows filesystems. 

Assuming that everything did work, 
however, you should now be able to 
access your Windows data from Linux 
under the /mnt/msdos mount point (or 
whatever mount point you created). If 
you set this up as shown above, only 
root will be able to write to these files. 
Keep in mind that the FAT filesystem 
does not include user permissions 
support. 

I’m trying to service a lot of 
connections via Apache. I have 
hard configured the number of 
Apache children to 1000 in order 
to minimize process spinup time. 
The box performance is bad 
and occasionally even refuses 
connections. Any ideas? 

You’re likely running into a problem 
often referred to as the “thundering 
herd.” It is well documented with Ap¬ 
ache and Linux, and there are several 
ways to work around it. 

In Linux, this condition usually 
stems from the process “wake seman¬ 
tics.” When a new connection arrives 
to be serviced in Apache/Linux, all of 
the sleeping processes are notified. 
All of these processes will then all try 
to take control of the new connection. 
However, only one of them will suc¬ 
ceed, and the others will fail and re¬ 
turn to their sleeping state. This is re¬ 
ferred to as wake all semantics. Linux 
2.2 and older kernels operate in this 
manner. 

When there are only a few sleeping 
Apache processes, this isn’t a problem. 
Apache normally will scale the num¬ 
ber of sleeping processes using the 


MinSpareServers and MaxSpareServers 
configuration variables from httpd. 
conf. Setting the MaxSpareServers to 
an abnormally high value, however, 
can potentially cause performance 
problems. I usually set it to between 
five and ten percent of the MaxClients 
value. 

If you are setting the MaxSpareSer¬ 
vers value abnormally high, tuning it 
down may result in an immediate per¬ 
formance gain. 

Some kernels don’t suffer from this 
problem because of an ability to uti¬ 
lize ‘wake one’ semantics, which allow 
a single process to be awakened for 
each inbound connection. The BSDs 
are capable of this, as is the Linux 2.4 
kernel. 

In order to take advantage of these 
semantics, Apache must be compiled 
with a particular option. When con¬ 
figuring Apache for the 2.4 kernel, try 
issuing the command that is shown in 
Figure One before compiling. This may 
improve performance on kernels cap¬ 
able of wake one semantics. 

There are a variety of tuning para¬ 
meters for servicing high numbers of 
network connections. Apache has a 
built-in hard limit for the maximum 
number of connections allowed, re¬ 
quiring a recompile to set this higher 
than 256. 

Linux will also require some /proc 
filesystem tuning in order to accom¬ 
modate high-capacity servers. You will 
also want to look at Linux’s compiled- 
in process, system-wide, and per-user 
limits. 

In short, there are a lot of things to 
be aware of when tuning for high num¬ 
bers of Apache processes/connections. 
The “thundering herd” condition is 
perhaps one of the most overlooked 
problems, but there are a variety of 
other factors to consider. 

More information about tuning 
Apache for high numbers of connec¬ 
tions can be found at http://linuxperf. 
nl. linux. org/webserving . 


Drew Streib is a coder ; admin , and writ¬ 
er with VA Linux Systems. He can be 
reached at tech@linux-mag.com. 
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Zonker’s Product Picks 

By Joe “Zonker” Brockmeier 




Disk 


Xtender 1 


fUSKXtender 2000: Infinite Storage 

It’s commonly believed that you can never be too rich or too 
thin. This isn’t always true; just look at Calista Flockhart. Money and skinniness 
aside, one thing you truly can’t have enough of is data-storage space. No matter 
how much space you have, it’ll be filled eventually — especially in a production 
environment, especially at the end of a fiscal quarter. 

To the rescue comes DISKXtender for Linux. DISKXtender doesn’t actually buy 
more storage space, but rather allows for the seamless integration of additional stor¬ 
age as needed. DISKXtender also enables distributed data access and reduces the 
overall cost of data management. 

DISKXtender supports optical, tape, and DVD storage media. It is sold on a tiered 
pricing plan, based on storage capacity, and starting at $10,000, is a bit pricey. It’s 
a product of OTG Software, based in Bethseda, MD. http://www.otg.com 


Moils I .is Better Browsing 

Browsing on Linux is getting good. The latest build from the 
Mozilla project is fast, stable, and looks pretty. Netscape went 
open source nearly two years ago, and it appears that the 
Mozilla project is finally starting to bear fruit. The latest Mo¬ 
zilla build seems much more stable than even the 4.7 line of 
Netscape browsers, and the recent Netscape 6 release is based 
on Mozilla 0.6. 

Mozilla touts the best W3C standards support of any browser 
and allows the user to customize its appearance using themed 
skins, which are available from a number of sites. 

Grab the latest Mozilla build from Mozilla Project’s Web site 

at http://www.mozilla.org. 

#> 1noz1ll0.org 


Snort; Sniffing 
Intruders Out 

Snort is a must-have 
program for the secu¬ 
rity conscious. The in¬ 
trusion-detection program performs real-time packet log¬ 
ging and traffic analysis on IP networks. It’s used to de¬ 
tect attacks and probes on IP networks, including port 
scans, buffer overflows, attempts to detect a host’s OS, and 
many other intrusion schemes. 

Snort runs on a variety of operating systems and plat¬ 
forms, including Linux, *BSD, SunOS and Solaris, AIX, 
and even Mac OS X Server. Snort is distributed under the 
GNU Public License and is written by Marty Roesch and 
a number of other contributors, http://www.snort.org/. 



Goi@IN@av§rs Wine: 2001 is a Good Year for Wine 

The Wine project has been around for quite some time. However, installation and configuration has gener¬ 
ally been beyond the capacity of mere mortals. Wine is designed to run Windows 
programs under Linux, allowing migrating users to utilize their favorite appli¬ 
cations without switching back and forth between the two. While Wine isn’t quite 
there yet, it’s pretty darn close, and now many Windows apps run well on it. 

Code Weaver’s release of Wine features a number of enhancements that make 
it easier for non-gurus to install and use. Code Weaver’s Wine comes with a con¬ 
figuration wizard that’s friendly and fairly easy to use. Once you’ve installed 
Wine, the Wine Launcher utilizes a friendlier interface for presenting status and 
diagnostic information. For more information and downloads, visit CodeWeav- 
er’s Wine site at http://wine.codeweavers.com. 
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BIsckAdler; Portable Python 

Python developers have a new tool to add to their arsenal. The Kompany’s Black- 
Adder Python IDE will slither its way into their hearts. BlackAdder is a full-fea¬ 
tured IDE for Python that includes syntax highlighting, cross-platform ODBC inter¬ 
faces, and a debugger. 

BlackAdder comes in a Linux and/or Windows version, so companies with mixed 
development environments can provide their Linux and Windows developers with 
the same interface. That’s not all folks! BlackAdder also generates cross-platform 
code, so Python apps developed with BlackAdder run on Windows or Linux. 

The BlackAdder IDE is available for personal use at $79.99 and for 
business use starting at $399, which includes both Linux and Windows versions. http://www. 
thekompany.com/products/blackadder. 




theKOMPANY* 


Gimp 1.2: Graphics Goodness Galore 

In case you hadn’t heard, there’s a new GIMP in town. 
Version 1.2 was released with even less fanfare from the de¬ 
velopers (if that’s possible) than the 2.4 kernel. 

For the uninitiated, the GIMP is the GNU Image Man¬ 
ipulation Program. It’s a Photoshop clone for Linux that is 
great for creating Web graphics and touching up photos and 
other graphical works. The GIMP comes with a number of 
plugins for image manipulation and opens nearly every 
image format. While the GIMP is easy to get started with, it 
also has many advanced features that, once mastered, will 
yield spectacular results. The GIMP is dis¬ 
tributed under the GNU Public License. 

To grab the latest version of the GIMP, 
check out the GIMP homepage at 
http: //www. gimp. org. ^ 



stormix 

TECHNOLOGIES INC 


Storm Strike 1U Server: 
Servin’ Up a Storm 



Storm’s Strike Server is more than just a sexy bit of hard¬ 
ware. It’s an easy to administer server that spares space in 
the server room. 

Strike comes preloaded with Stormix, Storm’s version of 
Debian GNU/Linux. Configuring your Strike server is easy 
enough. You can use either the LCD control panel on the 
unit or configure it remotely through the Stormix Web inter¬ 
face. The Strike Server is a 1U rack unit that’s available in a 
number of configurations, including single and dual CPU, 
IDE or SCSI disks, up to 1 GB of RAM, and up to three Eth¬ 
ernet NICs. 

Stormix Technologies is based in Vancouver, British Colum¬ 
bia. You can find out more about Stormix and the Strike 
server at http://www.stormix.com. 




VISUAL 

SlickEdit 


Visual SlickEdit: Edit in Style 

MicroEdge’s Visual SlickEdit is loaded with features for pro¬ 
grammers who need a little more oomph in their editor. Visual 


, JW 

y ' y u , . 


SlickEdit features support for just about every FTP client, allowing you to man¬ 
age your files nearly transparently via FTP. SlickEdit also emulates vi, Emacs, and even Visual C++ for 
programmers who want to make the switch but are afraid of losing their “touch.” SlickEdit is full-fea¬ 
tured, having tons of bells and whistles and allowing for hex editing, syntax highlighting, three-way 
file merge, and drag-and-drop editing. A new feature to SlickEdit 6.0 is DIFFzilla, an advanced differ¬ 
encing tool that allows for viewing and merging changes from two files, directories, or source trees. 

SlickEdit is a product of MicroEdge and is available for Linux, Solaris, AIX, HP-UX, IRIX, Windows, and 
several other platforms. SlickEdit starts at $295 for Linux and is available at http:// www.slickedit.com. 


Got a product pick of your own for Zonker? Drop him a line at zonker@linux-mag.com. 
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Software Development 




FEED YOUR HEAD 



/he SD Conference and Expo is chock-full of essential 
ingredients for the professional developer. Only SD offers 
a curriculum that is wide, deep and relevant to help solve 
your daily development challenges. From languages like 
Java, C++, XML to cross platform integration to architecture, 
design and management - SD has it all. 

For the complete menu , visit our website at www.sdexpo.com 
or call 1.800.441.8826. 


VOTED f INFERENCE 
FOR SD TEAMS 1 !!! 


Visit sdexptKcom J 

for more information 


SanTJoseTlCaliforniai 




PREMIERING THIS YEAR I 

WEB/^ERVICES 

WORLD 

A two day conference-within-a- 
v conference devoted to the open 
standards of service-oriented 
architecture in support of the 
UDDI initiative. 

^ Don't miss this 

ground-breaking event! 















































Is no doubt, I am 
Lord of legion of Evil. 
Amhavinkmanywery 
obedient minions, who 
am trickink to leave jobs 
in Nike factories. 

They are workink hard, 
but am always lookink for 
ways to make more cash 
money with talented but 
foolish mortals, 

SoamusinkLinux.ls 
like bait for geeks. 
They are thinkink, 
"He is usink Linux, he 
must he wery smart 
and wery nice man. 
I will work for him." 

Of course, by this time, 
have already chained 
geek to oar. 

(Needink another 42 
geeks. Triremes, they are 
hard to fill with oar slavesJ 


"Where is your despotism?" 

COPYRIGHT © 2001 ILLIAD http://www.userfriendly.org/ 




DarkSide Dave 
For Columbia Internet: 







How to achieve double-digit productivity gains 
and seven-digit cost savings: 


Now you can get supercomputing power without the super- 
sized price tag. TurboLinux software can make your existing 
IT infrastructure work harder by creating high-performance 
clusters with the equipment you already own, whether you're 
running Linux, UNIX, or Windows NT/2000. Our clustering 
technology has helped financial powerhouse J.P. Morgan 
harness the idle CPU cycles on hundreds of Windows NT 
workstations. They're running complex derivatives models 
faster—and they're saving $7 million a year. Easy to manage 
and completely scalable, TurboLinux solutions offer one 
more thing: peace of mind. Our knowledgeable trainers and 
consultants can help you get started and keep your 
enterprise running at peak efficiency. 

How to learn more: 

In the U.S., give us a call at (650) 228-5093. Or visit us online 
at www.turbolinux.com/learnmore/savings.html. 


turbolinux 

Powerful Thinking. 


'trademark of Linus Torvalds. All other trademarks are the property of their respective owners. 
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Become a Red Hat Certified Engineer—the most popular, most respected 




You know no job is forever. Bosses leave, departments 
change, budgets disappear. But with the right skills you 
can make yourself invaluable. 


Prepare through intensive hands-on classroom instruction or 
via eLearning. We'll teach you today's most critical network 
services. We'll test you on live equipment. 


Red Hat Certified Engineer™ tests your ability to install 
and configure Linux®, as well as file systems, security, and 
open source applications like Apache and Sendmail. 


When you succeed, the skills, job security, and the confidence 
that goes with it are all yours. Along with the best four letters 
of recommendation you'll ever earn: RHCE™. 




© 2000 Red Hat, Inc. All rights reserved. Red Hat and the Red Hat "Shadow Man" logo are 
trademarks or registered trademarks of Red Hat, Inc. in the US and other countries. 
Linux is a registered trademark of Linus Torvalds. All other trademarks are the property 
of their respective owners. 


www.redhat.com/training 



Good guys wear red hats. 















